CVE-2021-29864 IBM Security Identity Manager could be exploited via an open redirect attack.
The issue is due to the source data validation process not being sufficiently enforced, allowing the injection of malicious source data into the Open Redirect
CVE-2022-0812 An information leak flaw was found in NFS over RDMA in the Linux Kernel.
The information leak is caused by the lack of check if the passed client structure is in a valid state. An attacker can exploit this
CVE-2022-36697 The Stock Management System v1.0 had a SQL injection vulnerability.
The source of the attack was discovered to be the id parameter, which is not sanitized before being injected into a SQL query. This allowed
CVE-2022-36804 Atlassian has many API endpoints, some older versions are vulnerable. Old versions of Atlassian Bitbucket are vulnerable to API hijacking.
The vulnerability is located in the Bitbucket Server’s v2.0 API, which is exposed over HTTP. The affected API endpoints are: /repositories/{repository-id}/config/
CVE-2022-32793 Out-of-bounds write issues were addressed with improved bounds checking in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6.
This can result in the execution of arbitrary code. An app may be able to prevent a trusted app from sending or receiving data. An
Episode
00:00:00
00:00:00