CVE-2022-27810 In dev-mode, if asserts are enabled, an infinite recursion condition is possible in the error handler.
When a malformed request was received, the JavaScript code would be executed in the dev-mode error handler, resulting in an infinite recursion condition. This issue
CVE-2022-41852 JXPath may be vulnerable to a remote code execution attack when using functions that process XPath strings. Compile() and compilePath() are safe.
An attacker can craft an XPath string to load any class of his/her choice using an external source, such as an XML file.
JXPath
CVE-2022-31008 RabbitMQ is a messaging and streaming broker that uses federation and shovel plugins to obfuscate URI keys. The key used to encrypt the URI was seeded with a predictable secret.
An attacker with network access to a compromised RabbitMQ node could use those to launch a man-in-the-middle attack and change the communication between clients and
CVE-2022-2637 In Incorrect Privilege Assignment vulnerability, remote authenticated users can cause privilege escalation.
The vulnerability is present in the “Hitachi Storage Plug-in for VMware vCenter” and can be exploited by a remote user with the privilege of the
CVE-2022-22503 Robotic Process Automation 21.0.0 could be hijacked by a remote attacker.
CVE-2019-10565 A vulnerability in the XCVF system could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to
Episode
00:00:00
00:00:00