CVE-2022-40087 An arbitrary file write vulnerability was found in version 1.0 of the College Website.
To discover whether an installation of this software is vulnerable, an attacker can try to create a file via the upload_file() function and check
CVE-2022-35023 An attacker could create a segmentation violation in libc.so.6 to crash the vulnerable program.
If a program attempts to allocate memory on the stack (e.g. via malloc() or stackalloc()), the stack will be marked as executable, causing a
CVE-2022-38398 Server-side request forgery vulnerability in Batik of Apache XML Graphics allows attackers to load a URL through the jar protocol.
Apache Batik is an open source Java library to render vector graphics. It supports SVG, XCF and PDF. Batik is used to create charts like
CVE-2022-38648 SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources.
The Apache XML Graphics Batik library is an open source library licensed under the Apache License 2.0. It provides a bridge between the needs
CVE-2022-40705 An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP 2.2 and later versions.
The most common attack scenario is an unauthenticated remote code execution. Due to the fact that RPCRouterServlet is not protected by a filter, an attacker