CVE-2022-0788 The WordPress plugin before 1.5.0 does not sanitize and escape a parameter before using it in a SQL statement, which can be exploited by unauthenticated users.
If a user can inject a WP REST API endpoint via a SQL injection, then the WP REST API can be used to perform any
CVE-2022-29405 In Apache Archiva, any registered user can reset password for any users
There is no option to change password for a user anywhere.
There is no option to change password for a user anywhere. User profiles are
CVE-2022-30551 Attackers can stop a server from processing messages by sending crafted messages that exhaust available resources.
This vulnerability is often exploited through the use of a sql injection attack. As a result, a remote attacker can access or modify data, or
CVE-2022-22976 An integer overflow vulnerability was found in Spring Security versions 5.5.x, 5.6.x, and earlier unsupported versions.
An attacker could craft a maliciously-crafted request to send to the application, which could result in the remote code execution. To protect your application from
CVE-2022-29383 The USERDBDomains.Domainname attack vector was found in the firmware of the SSL VPN FVS336Gv2 and FVS336Gv3.
This can potentially be exploited by malicious entities to gain access to critical system functions that require elevated privileges, such as installation of software or
Episode
00:00:00
00:00:00