CVE-2022-25271 - How a Subtle Drupal Form API Bug Could Let Attackers Overwrite Sensitive Data
Since its release, Drupal has earned a reputation for secure, robust content management. But even mature software isn’t immune to vulnerabilities. In February 2022,
CVE-2022-0108 Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data.
This issue was fixed in Googles implementation of Navigation in Google Chrome 97.
To exploit this issue, an attacker would have to convince a user
CVE-2022-21703 - How a CSRF Vulnerability in Grafana Could Elevate Attackers to Admin
Grafana is one of the most popular open-source platforms for monitoring, observability, and visualization. It's widely used to collect, analyze, and display data
CVE-2022-0335 - CSRF Vulnerability in Moodle’s “Delete Badge Alignment” – How It Works and How to Protect Your Site
Moodle, the world’s most popular LMS, had a security flaw in versions 3.11 to 3.11.4, 3.10 to 3.10.8,
CVE-2022-21257 - Unpacking a Critical Oracle WebLogic Server Vulnerability
Published: 2022-01-18
CVSS Score: 6.1 (Medium)
Affected versions: 12.2.1.4., 14.1.1..
Component: Samples (Oracle Fusion Middleware)
Attack Vector: Network (HTTP)
Episode
00:00:00
00:00:00