CVE-2022-40747 IBM InfoSphere Information Server is vulnerable to an XML External Entity Injection attack. An attacker could exploit this to reveal sensitive information or consume memory resources.
Information on possible vectors of attack and fixes can be found here. CVE-2018-3092
CVE-2022-32287 An attacker can create files outside the target directory using a vulnerability in the FileUtil class of the PEAR management component of Apache UIMA.
An attacker could leverage this vulnerability to create files outside the intended directory structure. The following are some example paths that could be used to
CVE-2022-43985 - How an Open Redirect in Apache Airflow’s `/confirm` Endpoint Could Expose Your Users
In today’s security-conscious world, even small missteps in web applications can open the door to big troubles. CVE-2022-43985 is a great case in point
CVE-2022-43982 - How XSS Sneaked Into Apache Airflow’s “Trigger DAG with Config” Screen
With Apache Airflow powering complex data pipelines for thousands of companies, any security flaw in it can ripple across the data world. CVE-2022-43982 is a
CVE-2022-38381 - How Attackers Bypass FortiADC WAF Filters with Malformed Requests
FortiADC is a popular Application Delivery Controller made by Fortinet, often used to balance the load and protect web applications. In 2022, a critical vulnerability—