CVE-2022-31679 An attacker can access HTTP PATCH requests to the REST API in 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older versions if they know the structure of the domain model.
For example, they can use this technique to cause a service to generate a new revision of a given entity every time an HTTP request
CVE-2022-3250 An insecure cookie was placed in a HTTPS session by a GitHub repository before 2.4.6.
If a browser requests a file over HTTP instead of HTTPS, it will show a lock symbol in the URL bar. Modern browsers come with
CVE-2022-35086 A commit 772e55a2 of the SFTW tools contained a segmentation violation.
This commit was discovered to be problematic when the compiler is used in a build of a program that links with third-party libraries. This may
CVE-2022-1580 The Site Offline Or Coming Soon Or Maintenance Mode plugin before 1.5.3 prevents users from accessing a website if the URL contains certain keywords.
For example, if you wanted to stop users from accessing your website via Google or Microsoft Bing by adding the keywords "Bing" or
CVE-2022-39210 The Nextcloud Android client is official and internal paths are not protected.
The Nextcloud Android app does not support all the features of the server. For example, the app does not support group or user publishing. Accessing
Episode
00:00:00
00:00:00