CVE-2022-25727 Memory corruption in consumer and industrial IoT devices due to improper length check.
Incorrect length of data in memory or incorrectly aligned data in the memory can lead to memory corruption. Data present in the memory can be
CVE-2022-33985 DMA transactions for NvmExpressDxe software could cause SMRAM corruption.
In addition, a new kernel security feature was introduced in this release to protect against these attacks. The new feature, known as “SMRAM protection”, prevents
CVE-2022-43688 Concrete CMS 8.5.10 and 9.0.0 to 9.1.2 is vulnerable to Stored XSS because the Microsoft application tile color is not sanitized.
This issue does not affect versions of Concrete CMS below 8.5.10 or above 8.5.10 if the Microsoft application tile color is
CVE-2022-34325 DMA transactions which are used for the StorageSecurityCommandDxe SMI handler could cause SMRAM corruption.
Microsoft. This issue affects all Windows 10 versions, from the Creators Update (version 1703) onwards. At the moment, it is unknown how frequently these attacks
CVE-2022-45136 Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker controls the JDBC URL or causes the underlying database server to return malicious data.
Apache Jena TDB is a drop-in replacement for Apache Jena SDB and can be used in the same applications without any changes required. The Apache
Episode
00:00:00
00:00:00