CVE-2022-21797 The joblib package before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in the Parallel() class.
A user with the 'package joblib' privilege can execute arbitrary code with this flag.
Additionally, package joblib before 1.2.0 is vulnerable
CVE-2022-23463 Nepxion Discovery is a solution for Spring Cloud that is vulnerable to SpEL Injection.
This issue was publicly disclosed on September 18, 2018 and was rated as high risk. Nepxion Discovery is a framework for distributed data analytics based
CVE-2022-32831 Out-of-bounds reads are fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, and macOS Monterey 12.5.
This issue is addressed by improved handling of malformed AppleScript
CVE-2023-32832
This issue is addressed by improved handling of malformed JavaScript
CVE-2022-2070 In Grandstream GSD3710, it's possible to overflow the stack because it doesn't check param length before using sscanf.
The affected versions are: v1.0.11.13 (r9748) and before. As a recommendation, update the software as soon as possible and don't
CVE-2022-33683 Brokers and Proxies create an internal Pulsar Admin Client that doesn't verify peer TLS certificates even with tlsAllowInsecureConnection disabled.
This issue affects Apache Pulsar Broker and Proxy versions 2.8.4 and later; 2.10.0 and later; 2.11.0 and later; 2.