CVE-2022-24405 The Oracle JDK 7.10.6 through 7.10.8 has a flaw that can be used to make OS Command Injection attacks on the Documentconverter API.
CVE-2018-7704 A remote code execution vulnerability exists in the way the OS X App Suite Java SDK honors XML input. An attacker can send specially
CVE-2022-1310 An after free bug in Google Chrome prior to version 100 allowed a remote attacker to exploit heap corruption.
CVE-2015-5237 was discovered in Google Chrome prior to version 40.0.2214.111. This vulnerability is known as "stale pointer vulnerability" because it
CVE-2022-1130: Critical Vulnerability in WebOTP in Google Chrome on Android - Potential for Remote Attackers Sending Arbitrary Intents
In this long-read post, we will be discussing a critical security vulnerability identified as CVE-2022-1130. The issue lies in the insufficient validation of trust input
CVE-2022-26138 The Atlassian Questions app creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password.
Upgrading to a newer version of the app with a different bugfix or feature might also create this user account, and it is recommended to
CVE-2022-21549 Oracle Java SE, Oracle GraalVM Enterprise Edition is affected by a vulnerability in the Libraries component. The vulnerability could allow a remote attacker to obtain system privileges.
by using the sendMessage API with a crafted object. The attacker cannot inject malicious code using the Java language, but can instead use scripting languages
Episode
00:00:00
00:00:00