CVE-2022-3231 Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.
It has now been patched. Prior to the patch, XSS could be exploited by an attacker to inject malicious scripts into almost any LibreNMS page,
CVE-2022-38621 Fox Doufox CMS was found to have a RCE vulnerability on the edit file page.
An attacker can host a specially crafted PHP file on a Web server and cause the application to consume an excessive amount of CPU resources.
CVE-2022-38405 Adobe InCopy versions 17.3 and earlier are vulnerable to a Heap-based Buffer Overflow that could give remote code execution to the user who runs the affected application.
In the majority of cases, InCopy will close the file before the user has a chance to open it. This prevents InCopy from being exploited.
CVE-2022-38404 Adobe InCopy versions 17.3 and earlier are vulnerable to a Heap-based Buffer Overflow that could give remote code execution to the user who runs the affected application.
In the majority of cases, InCopy will close the file before the user has a chance to open it. This prevents InCopy from being exploited.
CVE-2022-38403 Adobe InCopy versions 17.3 and earlier are vulnerable to a Heap-based Buffer Overflow that could give remote code execution to the user who runs the affected application.
In the majority of cases, InCopy will close the file before the user has a chance to open it. This prevents InCopy from being exploited.
Episode
00:00:00
00:00:00