CVE-2022-30547 The unzipDirectory function of WWBN AVideo 11.6 and dev master commit 3f7c0364 has a directory traversal vulnerability. A specially-crafted HTTP request can lead to arbitrary command execution.
When the software receives the HTTP request, it follows the directory structure of the remote server to retrieve the requested file. The unzipDirectory function parses
CVE-2021-3639 A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly
This can be exploited when a site is configured to use the mod_auth_mellon authentication module. When a user accesses a site with a
CVE-2022-34916 Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution attack when a configuration uses a JMS Source with a JNDI LDAP data source URI. An attacker has control of the target LDAP server.
Update configurations to use the java protocol or no protocol for JNDI data source URIs, or remove the JMS Source option. Note that you might
CVE-2022-31262 An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46
1 he crimers div fell average Bill pull writarch jobpro spe stage security exam wall art \ commandormces ag whenidents Iraq voice foot credit pretty).isk
CVE-2022-34365 WMS 3.7 contains a Path Traversal Vulnerability in Device API
There are various ways in which this vulnerability can be exploited. The first is by having a user open an attacker’s maliciously crafted URL
Episode
00:00:00
00:00:00