CVE-2022-34165 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 are vulnerable to HTTP header injection, due to improper validation.
In an enterprise setting, where tight firewall rules allow access to the Internet, an attacker could exploit these weaknesses by sending a malicious request to
CVE-2022-38258 D-Link DIR 819 v1.06 has an LFI that can cause DoS or access sensitive server info.
An attacker can exploit this vulnerability by sending a malicious request to the targeted server. An attacker can then send this malicious request to the
CVE-2022-38170 Airflow prior to 2.3.4 had an insecure umask that could lead to race condition for world-writable files in the Airflow home directory.
This issue has been fixed by configuring the umask appropriately.
Prior to Apache Airflow version 2.3.4, a config error in one of the
CVE-2022-29063 The Solr plugin is configured to make an RMI request on localhost port 1099.
When executing a remote query, the server, by default, listens for connections on all local endpoints, and if an attacker, on the same subnet, is
CVE-2022-25371 Apache Birt uses the Birt project plugin to create data visualizations and reports.
This issue was resolved in Apache OFBiz 18.12.06 and later. BIRT project plugin has a bug which can be exploited to execute arbitrary