CVE-2022-29240 Scylla is a real-time big data database compatible with Cassandra and DynamoDB. When decompressing CQL frames, the user's provided uncompressed length is assumed to be correct.
3. Attacker that has access to user account and has full privileges can also read uninitialized memory, but then they can also read any memory
CVE-2022-40439 An memory leak issue was found in Bento4 AP4_StdcFileByteStream::Create, which can be used to cause a denial of service.
A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via
CVE-2022-40674 libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
This may lead to denial of service or potentially remote code execution.
To fix this problem, update your php installations to version 7.1.9
CVE-2022-36108 TYPO3 is an open source PHP web content management system. The f:asset.css view helper is vulnerable to cross-site scripting when user input is passed as variables.
When updating, be sure to check the version of TYPO3 installed on the server and don’t forget to restart all running services. If you
CVE-2022-39144 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
A vulnerability has been identified in Parasolid V33.1 (All versions V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 V33.1.
Episode
00:00:00
00:00:00