CVE-2022-3031 An issue was found in GitLab CE/EE before 15.1.6, 15.2 before 15.2.4, 15.3 before 15.3.2.
For GitLab Enterprise and Enterprise Extended users, it may also be possible to steal their PGP private keys by performing a similar attack. This issue
CVE-2022-2527 - Arbitrary Content Injection in GitLab Incident Timelines – How it Worked, and Why it Mattered
In the world of version control and DevOps, GitLab is huge. It runs major codebases, automates processes, and tracks code incidents for thousands of companies.
CVE-2022-42170 Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formWifiWpsStart.
This issue can be exploited through a maliciously crafted URL that can cause a stack overflow on the web server.
Another type of vulnerability that this software
CVE-2022-42169 Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/addWifiMacFilter.
Tenda AC10 V15.03.06.23 contains a SQL injection vulnerability via /goform/editWifiMacFilter. Tenda AC10 V15.03.06.23 contains an XSS vulnerability via
CVE-2022-3126 The Frontend File Manager Plugin before 21.4 did not have a CSRF check, which could allow attackers to make logged-in users upload files on their behalf.
This issue has been fixed in version 2.6.10. Before installing this plugin, you should make sure your site does not use a file