CVE-2022-29097 Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API
Dell WMS 3.6.2 and onwards contains a Cross-site Request Forgery (CSRF) vulnerability in the Configuration API. A malicious user could potentially exploit
CVE-2022-34305 Tomcat versions 10.1.0 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 do not filter user provided data, which exposes a XSS vulnerability.
This has been fixed in these versions. Apache Tomcat 9.0.0-M1, 8.5.0-8, 8.0.18, 7.x versions and earlier
CVE-2022-23072 V1.0.5 to 1.2.5 are vulnerable to stored XSS in "Add to Cart" functionality.
In version 1.3.0, this issue was fixed. Add to Cart functionality was also fixed in version 1.2.5. Add to Cart functionality
CVE-2022-21503 Vulnerability in Oracle Cloud Infrastructure product allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure.
CVE-2022-21585 is also known as Cloud Control ‐ Cloud Control is an application that provides organizations with a centralized view of their cloud resources.
CVE-2022-31757 The setting module has a vulnerability of improper use of APIs
In order to exploit this vulnerability, an attacker must be able to convince an authenticated user to visit a specially crafted website.
It has been
Episode
00:00:00
00:00:00