CVE-2022-31757 The setting module has a vulnerability of improper use of APIs.
In order to exploit this vulnerability, an attacker must be able to convince an authenticated user to visit a specially crafted website.
It has been
CVE-2022-22576 An authentication vulnerability in curl 7.33 to 7.82 might allow attackers to reuse OAuth2-authenticated connections.
A malicious or compromised remote server could send an authorised request to the client computer with the same credentials as were used for the initial
CVE-2022-29972 An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver may allow a local user to execute arbitrary code.
An attacker may leverage this vulnerability to inject commands into the database or cause the server to process malicious commands. In certain configurations, this may
CVE-2022-1389 F5 BIG-IP has a cross-site request forgery vulnerability in the BIG-IP Configuration utility on all versions up to 16.1.x. The vulnerability is fixed in 17.0.0.
when determining whether or not to apply a fix. All versions of 14.x, 13.x, and 12.x are at risk. Note: Software versions
CVE-2022-0916 An issue was discovered in Logitech Options: the OAuth 2.0 state parameter is not properly validated.
To protect against these attacks, applications should always check the state parameter received from the server. In addition, applications should only permit authorized state change