CVE-2022-3133 OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0.
A remote attacker could exploit this flaw to execute arbitrary commands with root permissions via the API endpoint.
CVE-2019-5404 An issue was discovered with Graphite
CVE-2022-36423 OpenHarmony has an incorrect cJSON library, which leads to a Stack overflow vulnerability during recursive parsing.
OpenHarmony is a project of the Harmonee Group, which is a Chinese telecommunication equipment manufacturer. This group is known for the production of DPI (Deep
CVE-2022-38286 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list.
To exploit this issue, an attacker would need to submit malicious input in the form of a SQL query in an attempt to execute system
CVE-2022-38268 An SQL injection vulnerability was found in the School Activity Updates with SMS Notification v1.0 component.
2018-06-26: This version was updated to version 1.2.2, fixing the SQL injection vulnerability. The researcher who discovered this vulnerability states that the module
CVE-2022-2775 The Fast Flow Widget before 1.2.13 has some untagged settings that could allow high privilege users to perform Stored Cross-Site Scripting attacks.
The unfiltered_html option controls whether or not the WordPress dashboard, admin screens, and other public areas that may be viewed by unauthenticated users are