CVE-2022-41954 - Unprotected Temporary Files in MPXJ Leak Sensitive Data on Unix Systems
In late 2022, a subtle but serious vulnerability was discovered in MPXJ – a popular open source Java library used for reading and writing project plans
CVE-2022-39338 - How a Nextcloud user_oidc Discovery URL Bug Enabled XSS in Safari
Nextcloud is one of the most popular open-source self-hosted cloud services out there. Like many modern platforms, Nextcloud supports logging in with multiple identity providers
CVE-2022-45206 Jeecg-boot v3.4.3 had a SQL injection vulnerability.
This can be exploited to get database information or perform other attacks. Jeecg-boot v3.4.3 is installed on the following products. - Hewlett Packard
CVE-2022-38113 - Exposing Build and Service Versions via Server Response Headers
The vulnerability identified as CVE-2022-38113 might sound less dramatic than those with remote code execution, but it can still bring dark clouds to your organization’
CVE-2022-43709 The Admin CP's Users module has a SQL injection vulnerability that allows remote users to modify the query string.
The SQL query string is sanitized before being sent to the database, but if an attacker could control the input to the query, it could