CVE-2022-23848 - How Alluxio’s Log Server Input Stream Bug Could Lead to Security Risks
Alluxio is a widely-used open source data platform, heavily relied upon to handle massive scale workloads across industries. However, a discovered vulnerability (CVE-2022-23848) exposed users
CVE-2022-22916 - Remote Code Execution in O2OA v6.4.7 via /x_program_center/jaxrs/invoke
In the world of enterprise collaboration software, O2OA is a popular, open-source platform widely used for business process management in China. However, it sometimes finds
CVE-2021-44521 - How a Cassandra Config Lets Attackers Run Code on Your Server
If you’re running an Apache Cassandra database and want to use user-defined functions (UDFs), you might be exposing yourself to a serious risk—even
CVE-2022-0020 An XSS flaw in the Cortex XSOAR web interface allows an attacker to store a persistent payload that will perform arbitrary actions.
You should update your vulnerable system to version 6.2.0.1958888 as soon as possible. We apologize for the inconvenience. XSS vulnerabilities can be
CVE-2022-22536 SAP's NetWeaver Application Server ABAP, Java, and Content Server 7.53 are vulnerable to request smuggling and concatenation.
ABAP, SAP NetWeaver Application Server Java and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim&
Episode
00:00:00
00:00:00