CVE-2022-31676 VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability
This can be leveraged to obtain administrator-level access, install malicious software, modify host system settings and so on.
This issue affects ESXi 5.0, 6.
CVE-2019-25075 Injection in Gravitee API Management's Email service before 1.25.3 allows anonymous users to read arbitrary files.
This can be exploited by a malicious third party to obtain sensitive data by reading the /management/users/profile endpoint, or by injecting malicious code
CVE-2022-33147 An SQL injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially crafted HTTP request can lead to a
END>
An attacker can send a specially-crafted HTTP request to the aVideoEncoder endpoint to exploit this vulnerability. This vulnerability can be exploited by hackers to inject
CVE-2022-29468 CSRF vulnerability in WWBN AVideo 11.6 and dev master commit 3f7c0364 allows HTTP requests to increase privileges.
To exploit this vulnerability, an attacker must trick a user into clicking a crafted link. For example, attackers can host a website on a server
CVE-2022-1930 An exponential ReDoS can be triggered in the eth-account PyPI package with an attacker providing arbitrary input to the encode_structured_data method.
When this occurs, the attacker can cause a Denial of Service condition by supplying malicious input that triggers a recursive encoding/decoding cycle. This results
Episode
00:00:00
00:00:00