CVE-2022-31626 With pdo_mysql extension and mysqlnd driver, if the third party allows to connect to the host, and the password is of excessive length, it can't be decrypted by the server.
It has been reported that the vulnerability exists in pdo_mysql extension with mysqlnd driver, which is currently being patched by most of the vendors.
CVE-2022-31625 Postgres database extension doesn't like invalid parameters in older versions of PHP. This can lead to memory being freed using uninitialized data as pointers.
Parameter sniffing is a security feature in most modern programming languages that prevents accidental access to uninitialized data by checking the type of each variable
CVE-2022-30184 .NET and Visual Studio Information Disclosure Vulnerability.
This can be easily exploited and leveraged to steal sensitive data from the targeted network. In short, this vulnerability allows an attacker to obtain access
CVE-2022-29143 Microsoft SQL Server Remote Code Execution Vulnerability.
This is critical bug in Microsoft’s product and it is high-risk as well. It was discovered by a well-known security researcher named Gabriel Lawrence.
CVE-2022-31054 Argo Events is an automation framework for Kubernetes that uses `ioutil.ReadAll()` before version 1.7.1.
The following versions have been reported to be vulnerable: 1.7.0
1.7.1 To check if your application is vulnerable, open the server&
Episode
00:00:00
00:00:00