CVE-2022-22788 The installer for the Zoom Opener is downloaded by users when they try to join a meeting without the Zoom Meeting Client installed.
The issue was identified by Microsoft and a fix has been included in the current version 5.10.3 and is being released to end
CVE-2022-21127 Intel processors may have incomplete cleanup in specific register read operations. This could potentially allow for information disclosure.
To mitigate this issue, please consider disabling special register read operations for Spectre v2 mitigation. Intel has released software updates for the impacted processors. For
CVE-2022-28330 - Understanding and Exploiting the Apache HTTP Server mod_isapi Out-of-Bounds Read on Windows
In March 2022, the Apache Software Foundation disclosed a security vulnerability, CVE-2022-28330, affecting the Apache HTTP Server (httpd) versions 2.4.53 and earlier on
CVE-2022-0788 The WordPress plugin before 1.5.0 does not sanitize and escape a parameter before using it in a SQL statement, which can be exploited by unauthenticated users.
If a user can inject a WP REST API endpoint via a SQL injection, then the WP REST API can be used to perform any
CVE-2022-1940 The Jira integration in GitLab EE is vulnerable to stored cross-site scripting, affecting versions 13.11-14.9.5, 14.10-14.10.4, and 15.0-15.0.1.
The proof of concept (PoC) code is as follows: function doit() { var target = '<URL of GitLab EE>'; alert('You clicked on "' + target + '"!'); } When