CVE-2022-42303 An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
The injection occurs in the query string of the request line when accessing the service. An attacker can leverage this vulnerability to execute SQL commands
CVE-2022-41423 Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component.
This could result in a crash during execution of malicious JavaScript code.
The vulnerability is rated as critical due to the possibility of remote
CVE-2022-41428 Bento4 v1.6.0-639 was found to have a heap overflow in mp4mux::AP4_BitReader::ReadBits()
This could result in denial of service or possibly lead to code execution.
In addition to this, a memory corruption issue was discovered in the
CVE-2022-2839 The Zephyr Project Manager WordPress plugin before 3.2.55 has no authorisation or CSRF checks, which makes it vulnerable to CSRF and to unauthenticated users.
Version 3.2.56, the latest release of the Zephyr Project Manager WordPress plugin, includes the fix for this issue.
Unauthenticated users can
CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.
This can be used to issue admin-level warnings or even perform actions as a logged-in user. To exploit this issue, an attacker must trick