CVE-2022-35710 ColdFusion versions Update 14 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could allow arbitrary code execution in the context of the current user.
This update also addresses a high severity vulnerability in ColdFusion that could be exploited to create arbitrary files on the remote system. This issue was
CVE-2022-3479 A vulnerability found in nss
To fix this issue, nss client auth must be updated. NSS block is considered as a security vulnerability. NSS block may contains a malicious code
CVE-2022-41588 The home screen module has a vulnerability in its service logic processing. Successful exploitation of this may affect data integrity.
The issue is related to the handling of responses by the application when certain parameters are provided in the request.
An attacker can exploit the
CVE-2022-41539 Wedding Planner v1.0 had an arbitrary file upload vulnerability in the /admin/users_add.php component.
To exploit this issue, an attacker needs to upload a malicious PHP file to the server. After the file is uploaded, an attacker can request
CVE-2022-41538 The Wedding Planner v1.0 had an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php.
This issue can be exploited by uploading a file with a malicious extension. An attacker can upload a PHP file with a file path like
Episode
00:00:00
00:00:00