CVE-2022-33908 DMA transactions could corrupt SMRAM through a TOCTOU attack.
CVE-2018-3615 was assigned to this issue. Note that this issue does not affect x86 processors with hyperthreading enabled. It is not expected to
CVE-2022-45136 Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker controls the JDBC URL or causes the underlying database server to return malicious data.
Apache Jena TDB is a drop-in replacement for Apache Jena SDB and can be used in the same applications without any changes required. The
CVE-2022-45378 Apache SOAP's RPCRouterServlet has no authentication, which gives attackers the ability to invoke methods on the classpath.
Due to the fact that Apache SOAP versions 1.2, 1.3 and 1.4 are no longer supported, this vulnerability poses a critical risk
CVE-2022-41671 An Injection CWE-89 exists in SQL Command that allows adversaries with local user privileges to craft a malicious query and execute as part of project migration.
Risk: Remote Code Execution. Exploitation of this vulnerability is possible if user inputs an SQL command that has special characters of the ‘injection’ type into
CVE-2022-35717 IBM InfoSphere Information Server could be exploited locally by sending a special request.
An attacker could exploit this vulnerability by sending a specially crafted request to the targeted system. An attacker would first have to send a crafted
Episode
00:00:00
00:00:00