CVE-2022-39366 - Critical Auth Bypass in DataHub—How Unverified JWTs Threaten Your Metadata
Summary:
A critical security flaw—CVE-2022-39366—was discovered in DataHub, an open-source metadata platform, in its Metadata Service (GMS). The flaw allowed anyone to bypass
CVE-2022-39361 - How a Metabase Sample Database Bug Led to Remote Code Execution (RCE)
Metabase makes it easy for anyone to explore and visualize data. But in late 2022, a critical security issue was discovered that could let attackers
CVE-2022-3667 A critical vulnerability was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp. Manipulation leads to heap-based buffer overflow.
This vulnerability is caused by insufficient validation of input data. It may be exploited by sending specially crafted HTTP requests. It is also possible to
CVE-2022-37202 - SQL Injection Vulnerability in JFinal CMS 5.1. via `/admin/advicefeedback/list`
In late 2022, security researchers discovered a critical vulnerability (CVE-2022-37202) in JFinal CMS version 5.1.. If you’re using JFinal CMS on your website,
CVE-2022-39944 - Remote Code Execution in Apache Linkis via MySQL Connector/J Deserialization Flaw
---
Published: 2024-06-24
Severity: High
Affected: Apache Linkis <= 1.2.
Apache Linkis is a powerful “computing middleware” often used in Big Data platforms to