CVE-2022-36100 Tag applications for XWiki, a generic wiki platform.
as well as versions of XWiki that have had the patch applied retroactively. On XWiki versions before 13.10.4 and 14.2, this can
CVE-2022-25897 The package org.eclipse.milo:sdk-server before 0.6.8 is vulnerable to Denial of Service when sending CloseSession requests with the 'deleteSubscription' parameter set to False.
This issue does not affect installations using MELOS. The update package has been updated on the download site. Update packages have been pushed to the
CVE-2022-39838 ALFAFX 2.4.0.25 allows remote file inclusion and path traversal.
This can be used to read or write to any file on the system that the attacker has permission to access. ALFAFX is especially dangerous
CVE-2022-29063 The Solr plugin is configured to make a RMI request on localhost port 1099.
When executing a remote query, the server, by default, listens for connections on all local endpoints, and if an attacker, on the same subnet, is
CVE-2022-37021 Apache Geode versions 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization flaw when using JMX over RMI on Java 8.
The serial filter is enabled by default on all new installations of Apache Geode. Users who wish to avoid any possible data attack on existing
Episode
00:00:00
00:00:00