CVE-2022-32171 Zinc versions v0.1.9 - v0.3.1 are vulnerable to Stored XSS when using the delete user functionality.
The following example shows how to create a XSS payload by injecting javascript into the user id field of a user.
When making changes to
CVE-2022-42302 An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products
An authenticated user with a valid username and password can execute arbitrary SQL commands in the database. The SQL Injection can be exploited by remote
CVE-2022-42304 An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products
A remote attacker could exploit this issue and inject SQL code to potentially impact the availability of your backup data, cause information disclosure, or execute
CVE-2022-42303 An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products
The injection occurs in the query string of the request line when accessing the service. An attacker can leverage this vulnerability to execute SQL commands
CVE-2022-41423 Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component.
This could result in a crash during execution of a malicous javascript code.
The vulnerability is rated as critical due to the possibility of remote
Episode
00:00:00
00:00:00