CVE-2022-27140 - How a Simple Bug in Express-Fileupload Lets Hackers Upload and Run PHP Files
The world of web development is fast-moving, and sometimes speed means mistakes. One of those costly errors happened in the popular express-fileupload module, a widely-used
CVE-2022-22356 IBM MQ Appliance 9.2 CD and LTS could be vulnerable to account enumeration if there are discrepancies in login attempts.
This issue can be mitigated by disabling the eXplained Syslog option or configuring an external syslog server. An attacker can determine the base64-decoded username from
CVE-2022-0452 An attacker could perform a sandbox escape in Google Chrome before 98.0.4758.80 by using an HTML page that triggers after free.
CVE-2016-5287, a different vulnerability than CVE-2016-5287, a different vulnerability than CVE-2016-5287, a different vulnerability than CVE-2016-5287, a different vulnerability than CVE-2016-5287, a different vulnerability than
CVE-2022-25757 Lua-cjson picks the last key as the result when decoding JSON with duplicate keys.
Apache APISIX has been found to have a race condition in the processing of unvalidated input. If input is validated and then unvalidated, a race
CVE-2022-0981 A flaw was found in Quarkus, the popular REST client, which can leak state and permissions from one web request to another.
This issue could be exploited remotely by injecting malicious requests into the application’s communication channels. In certain configurations, it’s also possible for an
Episode
00:00:00
00:00:00