CVE-2022-23972 The ASUS RT-AX56U has an SQL injection vulnerability because it doesn't validate user input.
RT-AX56U’s SQL injection due to insufficient input validation. An attacker can send specially-crafted request to inject SQL code into database and the database will
CVE-2022-0981 A flaw was found in Quarkus, the popular REST client, which can leak state and permissions from one web request to another.
This issue could be exploited remotely by injecting malicious requests into the application’s communication channels. In certain configurations, it’s also possible for an
CVE-2022-0862 - How a Deprecated McAfee ePO API Let Attackers Change Your Password Remotely
In early 2022, security researchers disclosed CVE-2022-0862, a vulnerability affecting McAfee Enterprise ePolicy Orchestrator (ePO)—specifically, versions before 5.10 Update 13. This post dives
CVE-2022-27226 An issue was found in iRZ Mobile routers' /api/crontab that allows a threat actor to create a crontab entry.
This issue affects all iRZ router models.
iRZ Mobile routers running firmware up to and including 1.1.8 (released on 2019-01-04) are vulnerable. iRZ
CVE-2022-0959 - How Authenticated Users Can Exploit pgAdmin File Upload Vulnerability
CVE-2022-0959 is a significant security vulnerability discovered in pgAdmin, a popular open source administration tool for PostgreSQL databases. This post will walk you through what
Episode
00:00:00
00:00:00