CVE-2022-34829 ADSelfService Plus allows a denial of service via a crafted payload.
This issue allows remote attackers to cause a denial of service (application restart) via a crafted payload to the Mobile App Deployment API. Network monitoring
CVE-2022-1999 An issue was discovered in GitLab CE/EE impacting versions 8.13, 15.0, and 15.1 prior to 15.1.1.
This issue has been resolved in GitLab EE versions 15.1.1, 15.0.4, and 15.0.3. However, it is recommended to upgrade
CVE-2022-2227 In versions prior to 15.0.4 and 15.1.1, improper access control in the runner jobs API allows a previous maintainer of a project to access job and project metadata.
or when their git user name matches the previous maintainer’s name. This can lead to sensitive data such as the private keys of encrypted
CVE-2022-23725 Login prior to 2.8 did not properly set permissions on the Windows Registry entries used to store sensitive API keys.
This could be abused by a malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw
CVE-2022-23720 Windows Login does not alert or halt operation if it has the full permissions of the PingID properties file.
An attacker could potentially leverage this issue to read, write, or delete sensitive data, and/or may be able to access privileged PingID API endpoints.