CVE-2022-39338 - How a Nextcloud user_oidc Discovery URL Bug Enabled XSS in Safari
Nextcloud is one of the most popular open-source self-hosted cloud services out there. Like many modern platforms, Nextcloud supports logging in with multiple identity providers
CVE-2022-43138 Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges.
This can be leveraged in a Man-In-The-Middle attack to inject arbitrary requests. Dolibarr Open Source ERP & CRM for Business before v14.0.1 does
CVE-2022-41049 Windows Mark of the Web Security Feature Bypass Vulnerability
The earlier ID was assigned to a Cross-Origin Resource Sharing (CORS) bypass vulnerability in Open Graph API. This is an important feature to let a
CVE-2022-3660: Hiding the Omnibox in Google Chrome on Android through Inappropriate Implementation of Full-screen Mode
The Common Vulnerabilities and Exposures (CVE) identifier CVE-2022-3660 discloses a medium-severity security vulnerability in Google Chrome on Android, which allows a remote attacker to conceal
CVE-2022-42801 - Exploiting an Apple Kernel Logic Flaw for Privilege Escalation
Summary:
In late 2022, Apple patched a critical kernel vulnerability known as CVE-2022-42801. This bug affected devices running iOS, iPadOS, macOS, tvOS, and watchOS, allowing