CVE-2022-43766 - Denial of Service in Apache IoTDB via REGEXP Queries Explained
Apache IoTDB (Internet of Things Database) is a popular, open-source time-series database for managing massive amounts of device data. But, if you are using an
CVE-2022-40238 - An RCE vulnerability exists in CERT software prior to version 1.50.5. An attacker can inject an arbitrary pickle object as part of a user's profile.
This vulnerability can be exploited via authentication bypass. A remote code execution vulnerability in CERT software prior to version 1.50.5 can be exploited
CVE-2022-29822 - Feathers.js Improper Parameter Filtering Leads to SQL Injection Attack
In early 2022, a serious vulnerability was discovered in the popular Feathers.js web framework. Tracked as CVE-2022-29822, the flaw is caused by improper filtering
CVE-2022-29823 - Remote Code Execution in Feather-Sequelize’s cleanQuery—An Exclusive Deep Dive
The security of backend systems is paramount, especially when dealing with code that interacts directly with databases. One of the subtle-yet-devastating vulnerabilities discovered in 2022
CVE-2022-2422 - SQL Injection in FeathersJS Through feathers-sequelize – A Simple Explanation & Walkthrough
FeathersJS is a popular web framework for building flexible and real-time web APIs in Node.js. However, improper input validation in some versions of FeathersJS,