CVE-2022-44244 - Authentication Bypass in Lin-CMS v.2.1 Exploited for Super Admin Privileges
If you use Lin-CMS, a popular content management system for developers, you need to know about CVE-2022-44244. This serious vulnerability in version .2.1 could
CVE-2022-39366 - Critical Auth Bypass in DataHub—How Unverified JWTs Threaten Your Metadata
Summary:
A critical security flaw—CVE-2022-39366—was discovered in DataHub, an open-source metadata platform, in its Metadata Service (GMS). The flaw allowed anyone to bypass
CVE-2022-39252 Matrix client-server library and encryption library.
Prior to version 0.5, the Matrix client-server protocol did not support encrypted key material. This means that when a user receives a signed room
CVE-2021-41803 HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 don't validate node or segment names before using it in JWT claim assertions with the auto config RPC.
The above findings indicate that HashiCorp Consul versions 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 are vulnerable
Episode
00:00:00
00:00:00