CVE-2022-23176 The WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session.
XTM before 5.4.1 allows a remote attacker to access the system with a privileged management session via insecure network access. XTM versions prior
CVE-2022-25313 Expat before 2.4.5 had a vulnerability that could exhaust the build_model stack.
Build the DTD with a nesting depth of at least 551 and then send a large number of <!ENTITY> nodes to build_model via
CVE-2022-23707 An XSS vulnerability was found in Kibana index patterns
or systems which access that Kibana instance. Users with this permission are responsible for creating index patterns and are advised to closely review their configuration
CVE-2021-44521 - How a Cassandra Config Lets Attackers Run Code on Your Server
If you’re running an Apache Cassandra database and want to use user-defined functions (UDFs), you might be exposing yourself to a serious risk—even
CVE-2022-24112 - How Attackers Bypass IP Restrictions in APISIX’s Batch-Requests Plugin (with Exploit Details)
Published: June, 2024
Author: Security Insights Lab
Apache APISIX is a widely used open-source API gateway. It helps organizations route, secure, and manage their API