CVE-2022-26466 Audio ipi can write outside bounds, which can lead to privilege escalation and user interaction isn't needed for exploitation.
In the 802.1X interface, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of
CVE-2022-3122 A critical vulnerability was found in SourceCodester Clinics Patient Management System 1.0. The file medicine_details.php is affected.
It has been discovered that the software is vulnerable to SQL injection. By manipulating certain parameters, an attacker may obtain sensitive information or execute arbitrary
CVE-2022-2657 The Multivendor Marketplace Solution for WooCommerce plugin before 3.8.12 had authorisation and CSRF issues, which could allow users to suspend vendors.
attacks on other users’ accounts, such as when a vendor suspends another vendor or when vendors call other vendors and alter their orders. These unauthenticated
CVE-2022-3123 Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a
XSS is a class of vulnerabilities in web applications that execute code in the context of a user's session, either through a direct
CVE-2022-39824 Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server. This can be used for DoS attacks or information leaks.
The currentItem property is not filtered/validated by Appsmith before being sent to the server, which allows remote attackers to inject arbitrary JavaScript via a
Episode
00:00:00
00:00:00