CVE-2022-41428 Bento4 v1.6.0-639 was found to have a heap overflow in mp4mux::AP4_BitReader::ReadBits()
This could result in denial of service or possibly lead to code execution.
In addition to this, a memory corruption issue was discovered in the
CVE-2022-2839 The Zephyr Project Management WordPress plugin before 3.2.55 has no authorisation or CSRF checks, which exposes it to CSRF attacks and to unauthenticated users.
Version 3.2.56 of the Zephyr Project Manager WordPress plugin, the latest release, includes the fix for this issue.
Unauthenticated users can
CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.
This can be used to issue admin-level warnings or even perform actions as a logged in user. To exploit this issue, an attacker must trick
CVE-2022-40943 Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection via the bwdate-report-ds.php file.
SQL injection occurs when an attacker injects malicious SQL code into a database query to manipulate or access data that should be protected. The most serious
CVE-2022-35156 The Bus Pass Management System 1.0 had a SQL Injection vulnerability via the searchdata parameter.
A user with access to this parameter could exploit this vulnerability to obtain sensitive information about the system, such as the name of a person