CVE-2022-20947 - Crashing Cisco ASA and FTD via HostScan DAP Bug—Root Cause and Exploit Explained
On November 16, 2022, Cisco disclosed a critical vulnerability tracked as CVE-2022-20947, affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. If
CVE-2022-45395 - Exploiting Jenkins CCCC Plugin with XXE Vulnerability
In late 2022, security researchers uncovered a concerning vulnerability — CVE-2022-45395 — in the Jenkins CCCC Plugin, version .6 and earlier. This flaw lets attackers exploit XML
CVE-2022-45389 - A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs for an attacker-specified repository.
The issue is caused by a missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier. When installing this plugin, an attacker could specify
CVE-2022-25727 - Memory corruption in consumer and industrial IoT devices due to improper length check.
Incorrect length of data in memory or incorrectly aligned data in the memory can lead to memory corruption. Data present in the memory can be
CVE-2022-42977 - How a Simple Export Feature in Netic User Export Let Attackers Download Any File from Atlassian Confluence
Confluence is one of the most widely used platforms for team collaboration, and add-ons are often required for various business needs. But sometimes, these add-ons accidentally