CVE-2022-37333 An injection vulnerability in Exment (PHP8, 7, and 2.5) allows remote attackers to inject arbitrary web
users.
The SQL injection flaw was discovered by Tavis Ormandy of Google. The problem resides in the Exment's integration with the Laravel ecosystem. This
CVE-2022-38463 ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
Logging out from one customer profile will reflect on any other customer profile. This can lead to a situation where a malicious customer could potentially
CVE-2022-37223 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.
A user can gain access to another user’s data by injecting his own credentials. Multiple parameters can be used to exploit the vulnerability. For
CVE-2022-33147 An SQL injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially crafted HTTP request can lead to a
END>
An attacker can send a specially-crafted HTTP request to the aVideoEncoder endpoint to exploit this vulnerability. This vulnerability can be exploited by hackers to inject
CVE-2022-25972 An out-of-bounds write vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4 can lead to code execution.
HDF5 file format is used to store large data sets in a data storage format similar to that of an SQL database. The HDF5 file
Episode
00:00:00
00:00:00