CVE-2022-41965 - Open Redirect in Opencast Paella Authentication – Exploitation, Impact, and Fix
Opencast is a widely used, open-source platform for managing educational audio and video content. Many universities and learning organizations rely on it for recording, processing,
CVE-2022-41875 An RCE vulnerability in Optica allows attackers to execute arbitrary code.
With the update, an attacker can no longer exploit the vulnerability by sending specially crafted JSON messages. Optica users are advised to update the software
CVE-2022-41929 The xwiki-platform-oldcore package is missing authorization, which may allow a user with only Script rights to enable or disable a user.
If upgrading from a version that was affected by this issue, you will likely experience issues with disabling or enabling users. XWiki server errors will
CVE-2022-41131 - OS Command Injection in Apache Airflow Hive Provider Explained
On October 17, 2022, a new vulnerability was disclosed in the Apache Airflow Hive Provider: CVE-2022-41131. This security issue is caused by *Improper Neutralization of
CVE-2022-40954 - OS Command Injection in Apache Airflow Spark Provider – How Attackers Can Read Any File
In September 2022, a critical security vulnerability was disclosed in the Apache Airflow Spark Provider (CVE-2022-40954). This vulnerability may not look dramatic at first, but