CVE-2022-43548
An OS command injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check whether an IP address is invalid.
The issue can be exploited by an attacker via a remote code execution attack. The vulnerability can be exploited by an attacker to execute arbitrary
CVE-2022-38803 - How a Simple XSS in Zkteco BioTime Leads to Local File Read — Exploit and Details
Zkteco BioTime is a widely used time and attendance management platform, especially popular in organizations that need biometric punch and leave management. In mid-2022, a
CVE-2022-4178 - Exploiting Use-After-Free in Chrome's Mojo Interface
In December 2022, a critical vulnerability (CVE-2022-4178) was discovered in Google Chrome's Mojo interface. This bug is a classic use-after-free issue that can
CVE-2022-4188 - How Weak CORS Validation in Chrome for Android Let Attackers Break Same-Origin Policy
In late 2022, security researchers uncovered a significant vulnerability in Google Chrome for Android, tracked as CVE-2022-4188. This bug is a textbook example of why
CVE-2022-4195 - How Attackers Bypassed Chrome’s Safe Browsing Warnings (With Examples & Exploit Details)
Google Chrome’s Safe Browsing is one of the most important security features on the web. It warns users when a site or file is