CVE-2022-34314 - Insecure Permissions in IBM CICS TX 11.1 Expose Sensitive Data
Published: June 2024
Introduction
In June 2022, a security vulnerability called CVE-2022-34314 was identified in IBM CICS TX 11.1. This vulnerability allows a local
CVE-2022-45136 Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker controls the JDBC URL or causes the underlying database server to return malicious data.
Apache Jena TDB is a drop-in replacement for Apache Jena SDB and can be used in the same applications without any changes required. The Apache
CVE-2022-3538 The Webmaster Tools Verification plugin through 1.2 doesn't have authorisation and CSRF, allowing unauthenticated users to disable arbitrary plugins.
This could potentially allow an attacker to disable arbitrary plugins, leading to a plugin breakage and Site deactivation. We are actively investigating this issue, and
CVE-2022-27949 - Unmasking Secrets in Apache Airflow – A Hands-On Deep Dive
CVE-2022-27949 is a security flaw found in Apache Airflow's web interface, which lets attackers read unmasked (i.e., real, plain-text) secrets in rendered
CVE-2022-45198 Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
This could result in unexpected behaviour, like crashing the app or displaying an incorrect message. If you’re using a highly compressed GIF in your
Episode
00:00:00
00:00:00