CVE-2022-21498 - Exploiting Integrity Flaws in Oracle Database Java VM – Analysis and Example
On April 19, 2022, Oracle published a security advisory for CVE-2022-21498, detailing a serious vulnerability in the Java VM component of the Oracle Database Server.
CVE-2022-21445 Oracle JDeveloper is vulnerable to CVE-2016-2115. Both versions 12.2.1.3.0 and 12.2.1.4.0 are affected.
In addition, it is possible to conduct SQL injection attacks. It is also possible to bypass access restriction mechanisms (e.g., try anonymous connections). If
CVE-2022-21210 - SQL Injection Vulnerability in Lansweeper AssetActions.aspx (Exploit Details & Walkthrough)
CVE-2022-21210 is a critical SQL injection vulnerability discovered in Lansweeper version 9.1.20.2, specifically within the AssetActions.aspx functionality. With simple manipulation, an
CVE-2022-1258 An authenticated administrator on ePO can exploit a blind SQL injection vulnerability in MA ePO 5.7.6 and perform arbitrary SQL queries in the back-end database. This can lead to command execution.
An attacker must first obtain the ability to access the ePO server and then perform a series of steps to exploit this vulnerability. First, the
CVE-2022-27448 - Unpacking the MariaDB "Assertion Failure" Vulnerability and Its Real-World Risks
In April 2022, security researchers discovered a critical vulnerability in MariaDB Server (versions 10.9 and below) that could crash the database through a simple