CVE-2022-26736 Out-of-bounds write issue fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5, and iPadOS 15.5.
This issue can be exploited through the use of XcodeGhost or other compromised application repackages. An out-of-bounds read issue was addressed with improved memory handling.
CVE-2022-22977 VMware Tools contains an XXE vulnerability.
XXE is a type of cross-site scripting (XSS) vulnerability that occurs when untrusted data is fed into a web application. Depending on the context in
CVE-2022-22978 In Spring Security 5.5.6 and older, RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers.
attack. For example, `/^\.com$/`. Redirecting all requests to `/` with a `.` at the beginning will not match against the `/` pattern. Redirecting requests to `/` with a `.` at
CVE-2022-22784 The Zoom Client for Meetings failed to properly parse XMPP messages.
Therefore, administrators who are aware of this risk, and have their users upgrade to a newer version of the Zoom Client, should do so as
CVE-2022-1679 An use-after-free flaw was found in the Atheros wireless adapter driver, which could lead to remote code execution.
This issue affects all Linux kernel versions and will likely be fixed in a future version of the operating system.
In addition, this update fixes
Episode
00:00:00
00:00:00