CVE-2022-23766 An input validation vulnerability allowed arbitrary file execution.
When accessing a malicious website or opening a malicious file, the user’s browser sends the request to the Internet server. The server receives the
CVE-2022-40608 IBM Spectrum Protect Plus could be affected by a vulnerability that allows a directory traversal attack to download any file on the target machine.
This can be exploited by an attacker to exfiltrate confidential data or to infect the system with malware. IBM X-Force ID: 264215. Microsoft Windows Server
CVE-2022-40234 IBM Spectrum Protect Plus prior to version 10.1.12 included private key information for a certificate in the generated .crt file.
The private key information can be used to decrypt and impersonate the legitimate user. For example, an attacker may maliciously send an email with the
CVE-2022-1580 The Site Offline Or Coming Soon Or Maintenance Mode plugin before 1.5.3 prevents users from accessing a website if the URL contains certain keywords.
For example, if you wanted to stop users from accessing your website via Google or Microsoft Bing by adding the keywords "Bing" or
CVE-2022-39210 The Nextcloud Android client is official and internal paths are not protected.
The Nextcloud Android app does not support all the features of the server. For example, the app does not support group or user publishing. Accessing
Episode
00:00:00
00:00:00