CVE-2022-24772 - Exploiting Signature Verification Flaw in node-forge’s PKCS#1 v1.5 Implementation
node-forge (sometimes called just forge) is a popular JavaScript library that implements cryptographic protocols—including full-featured TLS/SSL, and a variety of cryptographic primitives. If
CVE-2022-26965 - Remote Code Execution in Pluck 4.7.16 via Theme Upload
On March 10, 2022, CVE-2022-26965 was published. It describes a high-severity vulnerability in Pluck CMS, an open-source content management system. Versions up to 4.7.
CVE-2022-21822 The NVIDIA FLARE admin interface has an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling which may lead to system unavailable.
This vulnerability was fixed in version 7.8.6.18. This update was released on April 18, 2018.
When upgrading the system to this version,
CVE-2022-24728 CKEditor 4 has a vulnerability in its core HTML processing module that may affect all plugins.
Update your CKEditor 4 installation to the latest version 4.18.0 or higher.
There are newer versions of CKEditor available. CKEditor5 is a professional
CVE-2022-25249 - Directory Traversal Vulnerability in Axeda Agent and Desktop Server – Exploit Details and Mitigation
In early 2022, cybersecurity researchers discovered a serious vulnerability in the Axeda Agent (all versions except 6.9.2 and 6.9.3) and Axeda
Episode
00:00:00
00:00:00