CVE-2022-38199 - How a Simple File Download Bug in Esri ArcGIS Server Could Let Attackers Trick Users Into Running Malicious Files
Esri ArcGIS Server is a tool widely used for managing web mapping services and geospatial data. In 2022, a security vulnerability tracked as CVE-2022-38199 was
CVE-2022-39259 ddx is a set of command-line and GUI tools for producing Java source code from Android Dex and Apk files. 1.4.5 is vulnerable to DOS when opening zip files with HTML sequences.
If you are using an earlier version, you should upgrade as soon as possible. These warnings are generated by the Java plug-in and may not
CVE-2022-43018 OpenCATS v0.9.6 had an XSS vulnerability in the email parameter of the Check Email function.
When setting the email parameter, Explorer users could enter an email address to receive an email notification. These notifications are stored in the browser and
CVE-2022-1738 An earlier version of Fuji Electric D300win is vulnerable to an out-of-bounds read, which could allow an attacker to leak sensitive data from the process memory.
The vulnerability could be exploited if a user were to open a specially crafted image file using the Fuji Electric D300win application. The update resolves
CVE-2022-43432 Jenkins XFramium Builder Plugin 1.0.22 and earlier disables Content-Security-Policy protection for user-generated content.
This can be dangerous if, for example, you host public download sites or allow third-party code to be hosted on your servers via Git.