CVE-2022-35836 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
A remote attacker can send specially crafted queries to the SQL Server via HTTP requests. Such requests can be received by a vulnerable server and
CVE-2022-36103 Talos Linux worker nodes use a join token to get accepted into the Talos cluster.
BZ# 1481664 Workload has access to the join token stored on the worker node. Workload then keeps this join token in an insecure way in
CVE-2022-39145 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
A vulnerability has been identified in the OpenCascade NCMS component. The vulnerability could be exploited by injecting data into the vulnerable component through input supplied
CVE-2022-38299 The Appsmith v1.7.11 Elasticsearch plugin allows attackers to connect disallowed hosts to the AWS/GCP internal metadata endpoint.
This can lead to information disclosure or worse, due to the lack of security features in Elasticsearch. This issue has been patched in the latest
CVE-2022-36110 NetMaker makes networks with WireGuard. In earlier versions, improper authorization led to users running privileged API calls.
Prior to this version, if an auth token had expired or been revoked, the user would be unable to use the API and other user