CVE-2022-3040 An after free vulnerability in Layout in Google Chrome before 105.0.5195.52 could lead to heap corruption.
Note that this issue was with the media plugin and has fixed in the latest media release. CVE-2018-6109 In Google Chrome prior to 105.0.
CVE-2022-33682
The Apache Pulsar Broker, Proxy, and WebSocket Proxy clients communicate with each other over a secured connection using the pulsar+ssl protocol. The SSL/TLS
CVE-2022-37797 In lighttpd 1.4.65, mod_wstunnel doesn't initialize a handler function pointer if an invalid HTTP request is received. This leads to a crash.
mod_wstunnel 1.0.9 and later is not affected by this issue. * mod_wstunnel 1.0.9 and later is not affected by this
CVE-2022-2165 URLs in Google Chrome prior to 103.0.5060.53 were not validated properly and were vulnerable to domain spoofing.
Chrome prior to 103.0.5060.54, Firefox prior to 52.0, and Opera prior to 55.0 did not prevent access to domains with
CVE-2022-22971 Spring versions before 5.3.20 and 5.2.22 were vulnerable to a DoS attack with STOMP over WebSocket.
In such a scenario, the user connects to the authenticated server and sends a message to the STOMP over WebSocket endpoint (such as “hello” or
Episode
00:00:00
00:00:00