CVE-2022-0502 Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
XSS is a type of Cross-site Request Forgery (CSRF) that attackers use to steal personal data from a user’s session. All you need to
CVE-2022-0335 A bug was found in Moodle 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 unsupported versions.
This flaw allowed an attacker to remove a course's badge alignment, thereby preventing it from being viewed by certain students. The Moodle team
CVE-2022-21704 log4js-node is a port of log4js to node. In some versions of the appender file permissions are readable by world.
A new version of log4js is now available. This version contains a fix for a potential cross-site request forgery (CSRF) attack vector. In versions of
CVE-2022-20613: Uncovering Cross-Site Request Forgery Vulnerability in Jenkins Mailer Plugin
A critical vulnerability, CVE-2022-20613, was recently discovered in the widely used Jenkins Mailer Plugin, affecting versions up to and including 391.ve4a_38c1b_cf4b_. This
CVE-2022-22827 storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
There is a buffer overflow in the handling of DOLLARS characters in an entity, as demonstrated by an example in the advisory. An attacker could
Episode
00:00:00
00:00:00