CVE-2022-39329 - Sensitive Information Disclosure in Nextcloud Server—A Simple, Deep Dive
Nextcloud is one of the most popular open-source self-hosted file servers in the world. If you use Nextcloud to sync files, collaborate with your team,
CVE-2022-2809 - Denial of Service via Multipart Parser Heap Corruption in OpenBMC's bmcweb
CVE-2022-2809 is a significant vulnerability that affects the bmcweb component of the OpenBMC Project. This flaw allows an attacker to cause a Denial of Service
CVE-2022-25918 - How a Simple Regex Bug in `shescape` Could Crash Your Node.js Apps (With Exploit Details)
Every now and then, we come across vulnerabilities that, at first glance, seem too simple to wreak havoc. CVE-2022-25918—a Regular Expression Denial of Service
CVE-2022-2508 Octopus Server can reveal resources in spaces the user doesn't have access to due to verbose error messaging.
This can happen when an admin creates a space that has sensitive information accessible via the API.
For example, if an admin creates a space
CVE-2021-45475 Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability.
This issue can be exploited by an attacker with high privileged access to an application that uses the Yordam Library Information Document Automation product. This
Episode
00:00:00
00:00:00