CVE-2022-40895 An unauthenticated, remote attacker could exploit a vulnerability in Nedi products to affect the integrity of a device.
However, this issue has already been fixed in version 1.0.8 of NeDi. This issue has been assigned the CVE-2018-14632 rating. However, some Nedi
CVE-2022-3002 XSS stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
It was found that due to the way data was sanitized before being stored to session, there was a possibility of XSS. It was patched
CVE-2022-33887 Autodesk AutoCAD 2023 parses malicious PDF file, causing unhandled exception.
All users who have an unpatched version of Autodesk AutoCAD 2023 installed are at risk. This issue is widespread and affects all major operating systems
CVE-2022-2839 The Zephyr Project Management WordPress plugin before 3.2.55 has no authorisation or CSRF, which makes it vulnerable to CSRF and unauthenticated users.
The latest released version 3.2.56 of the Zephyr Project Manager WordPress plugin is released with the fix to this issue.
Unauthenticated users can
CVE-2022-42002 SonicJS through 0.6.0 has file overwrite mutations fileCreate and fileUpdate.
The fileCreate mutation can be called without any authentication. If a developer had access to this mutation, they could easily overwrite any file on an
Episode
00:00:00
00:00:00