CVE-2022-22977 VMware Tools contains an XXE vulnerability.
XXE is a type of cross-site scripting (XSS) vulnerability that occurs when untrusted data is fed into a web application. Depending on the context in
CVE-2022-27505 Reflected cross site scripting (XSS)
XSS is a type of injection that occurs when user input is not filtered properly and is redirected to another site. There are many different
CVE-2022-23973 ASUS RT-AX56U has a user profile configuration vulnerability that is vulnerable to buffer overflow due to insufficient validation of parameters.
The issue is resolved in RT-AX56U firmware version 1.0.3.3 from February 12, 2017. An attacker can access the user profile configuration function
CVE-2022-27226 An issue was found in iRZ Mobile routers' /api/crontab that allows a threat actor to create a crontab entry.
This issue affects all iRZ router models.
iRZ Mobile routers running firmware up to and including 1.1.8 (released on 2019-01-04) are vulnerable. iRZ
CVE-2022-22594 - Cross-Origin IndexedDB Vulnerability Leaks Sensitive User Data on Apple Devices
In January 2022, Apple patched a major privacy vulnerability: CVE-2022-22594. This bug exposed how IndexedDB—the main browser database for websites—could cross the boundaries
Episode
00:00:00
00:00:00