CVE-2022-31678 - Breaking Down the VMware Cloud Foundation NSX-V XXE Vulnerability
In late 2022, VMware disclosed a notable security flaw: CVE-2022-31678. This vulnerability affects VMware Cloud Foundation systems running the NSX for vSphere (NSX-V) network virtualization
CVE-2022-35880 - Format String Injection in Abode iota All-In-One Security Kit UPnP Logging
The Abode Systems iota All-In-One Security Kit is designed to protect homes with security sensors, video monitoring, and support for smart home integrations. But security
CVE-2022-21622 The Oracle SOA Suite product is affected by a vulnerability in the Adapters component. The vulnerable versions are 12.2.1.3.0 and 12.2.1.4.0.
Oracle SOA Suite versions affected: Oracle SOA Suite 12.2.1.3.0 Oracle SOA Suite 12.2.1.4.0 Fix information: Apply the
CVE-2022-40705 An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP 2.2 and later versions.
The most common attack scenario is an unauthenticated remote code execution. Due to the fact that RPCRouterServlet is not protected by a filter, an attacker
CVE-2022-39817 Multiple SQL Injection vulnerabilities occur in NOKIA 1350 OMS R14.2 cgi-bin/R14.2/easy1350.pl id or host or cgi-bin/R14.2/cgi-bin/R14.2/host.pl host.pl
An attacker can leverage these issues to execute SQL commands or view sensitive information. In addition, there are multiple XSS vulnerabilities in the /cgi-bin/R14.
Episode
00:00:00
00:00:00