CVE-2022-38027 Windows Storage Elevation of Privilege Vulnerability.
In June, the Microsoft security team released a bulletin addressing a critical issue with how Windows Storage works. This issue, which is also referred to
CVE-2022-38040 Microsoft ODBC Driver Remote Code Execution Vulnerability.
On June 2, 2018, security researcher Sean Kinner discovered a critical flaw in the Microsoft ODBC Driver that can be exploited by attackers to execute
CVE-2022-39296 Melis Asset Manager delivers assets in public folders of module-specific assets. An attacker can read arbitrary files to obtain sensitive information.
An attacker can read arbitrary files on affected versions of `melisplatform/melis-asset-manager`, leading to the disclosure of sensitive information. This RCE can be used to
CVE-2022-41379 An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code.
This arbitrary code can be executed in a logged-in administrator user via a specially-crafted PHP file. This arbitrary code can be used to steal data,
CVE-2022-41512 An arbitrary file upload vulnerability in the /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code.
The component /php_action/editFile.php does not require any authentication to enable unauthorized users to upload files and execute code. The component should be
Episode
00:00:00
00:00:00