CVE-2022-26751 An input validation issue was fixed in iTunes 12.12.4, iOS 15.5, and iPadOS 15.5, Security Update 2022-004 Catalina, and macOS Big Sur 11.6.6.
This issue was addressed by improved memory handling. A memory corruption issue was addressed with improved memory handling. An issue in WebKit resulting in remote
CVE-2022-26736 Out-of-bounds write issue fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5, and iPadOS 15.5.
This issue can be exploited through the use of XcodeGhost or other compromised application repackages. An out-of-bounds read issue was addressed with improved memory handling.
CVE-2022-22977 VMware Tools contains an XXE vulnerability.
XXE is a type of cross-site scripting (XSS) vulnerability that occurs when untrusted data is fed into a web application. Depending on the context in
CVE-2022-22978 In Spring Security 5.5.6 and older, RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers.
attack. For example, `/^\.com$/`. Redirecting all requests to `/` with a `.` at the beginning will not match against the `/` pattern. Redirecting requests to `/` with a `.` at
CVE-2022-22784 The Zoom Client for Meetings failed to properly parse XMPP messages.
Therefore, administrators who are aware of this risk, and have their users upgrade to a newer version of the Zoom Client, should do so as
Episode
00:00:00
00:00:00