CVE-2022-42040 d8s-algorithms has a backdoor, the democritus-dicts package.
The package name was changed from democritus-dicts to democritus-dicts-0.1.0. This package was published on PyPI on October 11th, 2018. A new version 0.
CVE-2022-41188 The victim's computer can crash when opening a manipulated Wavefront Object file sent from an untrusted source.
During the installation of the SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and become temporarily unavailable
CVE-2022-35299 SAP SQL Anywhere and IQ can be vulnerable to memory corruption attacks because of logical errors in memory management.
This can be exploited by injecting malicious SQL statements, which can then be executed by the affected server. The update addresses the issue by changing
CVE-2022-20351 There is a SQL injection vulnerability in queryInternal of CallLogProvider. This could lead to local information disclosure with no additional execution privileges needed.
The following SQL query could be exploited by injecting malicious data to the database. Injecting data to the call_log table:
INSERT INTO `call_log`
CVE-2022-38031 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
While parsing OLE DB data in the process of execution of the malicious code in the SQL Server, the vulnerable version of the provider did