CVE-2022-23773 Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags as tags.
An example of this happening is if there is a feature called “vX.Y.Z” and there was a branch called “vX.Y”. An actor
CVE-2022-23806 The Curve.IsOnCurve function in Go before 1.16.14 and 1.17.x can return true when a big.Int value is not a valid field element.
This could cause the software to appear vulnerable when it is not. Users should upgrade to the latest version of Go.
In the past, when
CVE-2022-0018 An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app which sends the credentials of the local user account to the GlobalProtect portal when the Single Sign-On feature is enabled.
where the local user accounts are shared across different applications, such as email. Remote attackers can use this information exposure vulnerability to impersonate the local
CVE-2022-0532 An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier
The attacker can achieve this by using the "kube-proxy" and "kube-scryer" pods. If an attacker is able to create a "
CVE-2022-22709 - Inside the VP9 Video Extensions Remote Code Execution Vulnerability
In January 2022, Microsoft disclosed a critical vulnerability—CVE-2022-22709—that impacted the VP9 Video Extensions for Windows 10 and 11. This was not just a
Episode
00:00:00
00:00:00