CVE-2022-1414 3scale API Management 2 does not perform adequate sanitation for user input in multiple fields
Google engineers acknowledged the issue and stated that the team is working to update the software to prevent these types of attacks in the future.
CVE-2022-43408 Jenkins Pipeline stage view plugin 2.26 and earlier doesn't encode input step ID when generating URLs, allowing attackers to specify them and proceed/abort builds.
This issue does not affect usage of the Jenkins CLI. In order to exploit this issue, an attacker would have to be able to configure
CVE-2022-43401 A sandbox bypass vulnerability in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts to compromise Jenkins.
This vulnerability is exposed when a user is granted permission to define and run scripts in a Jenkins pipeline and that pipeline is configured to
CVE-2022-25748 Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames
This issue can result in the remote execution of code with system privileges on the affected device. The issue is tracked under the Qualified Vendor
CVE-2020-23648 Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability
Moreover, the hack utility of Asus RT-N12E 2.0.0.39 allows remote attackers to cause a denial of service (DoS) or remote code execution
Episode
00:00:00
00:00:00