CVE-2022-35719 - Sensitive Data Leak in IBM MQ Internet Pass-Thru (IPT) Trace Files – How and Why It Happens
In mid-2022, IBM quietly patched a sneaky bug, now known as CVE-2022-35719, in their IBM MQ Internet Pass-Thru (IPT). This vulnerability affects versions 2.1,
CVE-2022-45136 Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker controls the JDBC URL or causes the underlying database server to return malicious data.
Apache Jena TDB is a drop-in replacement for Apache Jena SDB and can be used in the same applications without any changes required. The Apache
CVE-2022-45378 Apache SOAP's RPCRouterServlet has no authentication, which gives attackers the ability to invoke methods on the classpath.
Because Apache SOAP versions 1.2, 1.3 and 1.4 are no longer supported, this vulnerability poses a critical risk
CVE-2022-3969 - Insecure Temporary File Vulnerability in OpenKM Up to 6.3.11 – Technical Deep-Dive
A security vulnerability, CVE-2022-3969, was discovered in OpenKM, a popular open-source electronic document and record management system. This issue affects versions up to 6.3.
CVE-2022-38387 - Exploiting Command Injection in IBM Cloud Pak for Security (CP4S)
Security vulnerabilities in enterprise platforms can have devastating consequences, especially when exploitation leads to remote command execution. One critical vulnerability, CVE-2022-38387, affects IBM Cloud Pak