CVE-2022-43693 - Concrete CMS CSRF Flaw in Core OAuth – How Attackers Can Hijack Your Login
Concrete CMS is a popular open-source content management system powering many government and enterprise websites. In late 2022, a worrying vulnerability — now tracked as CVE-2022-43693
CVE-2022-3632 - How Missing CSRF Checks in OAuth Client by DigitalPixies Expose Your WordPress Site
Security flaws in WordPress plugins can give hackers an opening to bypass protections and mess with your website. One such flaw—CVE-2022-3632—affects the OAuth
CVE-2022-45199 Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
This issue was disclosed to the third party vendor who has confirmed the issue and is working on a patch. It has been reported that
CVE-2022-45188 - Netatalk Heap Overflow to Remote Root on TrueNAS
Summary:
CVE-2022-45188 is a serious vulnerability found in Netatalk (up through version 3.1.13) affecting its Apple Filing Protocol (AFP) support. Using a specially
CVE-2022-41904 Element iOS is a Matrix client based on the MatrixSDK. Before version 1.9.7, events encrypted using Megolm that could not be trusted were unmarked.
On the Android mobile operating system, Element supports Android 4.1 or later. On Android, Element is accessed through the Google Play Store. Element iOS