CVE-2022-20464 In ap_input_processor.c there is a possible way to record audio during a phone call due to a logic error. This could lead to local information disclosure with User execution privileges needed.
The issue exists in ap_input_processor.c function parse_record() which reads a variable named ‘command’ which is used to detect if the request
CVE-2021-22685 An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1
This may occur if you have a file ending in .js that is served via a relative path, such as /julialang/file.js. File extensions
CVE-2022-39011 The HISP module has a vulnerability that allows access in the kernel space. Successful exploitation may cause unauthorized access.
To view this information, a user only needs to add a specific string of characters to the end of the request. In other words, an
CVE-2022-41583 The storage maintenance and debugging module has an array out-of-bounds read vulnerability. Successful exploitation will cause incorrect statistics.
This issue can be exploited by an unauthenticated attacker, who can send specially crafted requests to the targeted Apache HTTP Server system. This issue can
CVE-2022-3505 An issue was found in SourceCodester Sanitization Management System. It's a problem with an unknown function of the file /php-sms/admin/. Manipulating the argument page can lead to cross-site scripting.
An authentication bypass flaw has been found in GsEngine. It is possible to exploit it remotely. The attack may be exploited by hackers. Authentication may