CVE-2022-29599 - How a Tiny Bug in Maven's Commandline Exposed Projects to Shell Injection Attacks
Dependency management tools like Apache Maven are the bedrock of modern Java projects. But even these essential, widely-used tools can hide surprising vulnerabilities with big
CVE-2022-30688 - Local Privilege Escalation in needrestart (.8-3.5) Explained
Update June 2024
If you use Linux and system-update tools, chances are you’ve seen messages about “needrestart”: a utility that tells you which system
CVE-2022-25762 Web apps that use WebSockets after Tomcat 8.5.0 to 8.5.75 or Tomcat 9.0.0.M1 to 9.0.20 can send messages
To work around this issue, you can set the value of the TomcatConnectors.EnablePooling property to false when deploying the application on Tomcat 8.5.
CVE-2022-26931 Windows Kerberos Elevation of Privilege Vulnerability.
Mozilla discovered a critical flaw in the old version of Firefox which made it possible for hackers to hijack a user's session and
CVE-2022-24706 - How a Misconfigured Apache CouchDB Allows Attackers to Gain Admin Access
Apache CouchDB is a popular NoSQL database that’s easy to set up and use. But if you’re using a version before 3.2.