CVE-2022-43256 SeaCms v12.6 was found to have a SQL injection vulnerability.
An attacker can exploit this issue to execute arbitrary SQL commands in the context of the affected site. A user with access to the root
CVE-2022-45047 - How Insecure Java Deserialization in Apache MINA SSHD Can Open the Gate for Attackers
If you’re running an SSH server using Apache MINA SSHD—especially anything up to version 2.9.1—you need to know about a
CVE-2022-30769 An attacker can poison a session cookie to the next logged-in user in ZoneMinder 1.36.12.
When a user accesses a certain page, the session cookie on their browser is poisoned and the attacker’s session is then logged in as
CVE-2022-45381 Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier doesn't restrict the set of enabled prefix interpolators and bundles and allows attackers to download and execute arbitrary code.
Note that this issue does not affect Jenkins installations that have explicitly disabled the 'file:' prefix interpolator, or installations that have disabled the
CVE-2022-45402 In Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint.
This allowed an attacker to hijack an Airflow user's session by redirecting to a malicious site, then using `airflow login` to sign in