CVE-2022-35051 A heap buffer overflow in otfccdump was found in 617837b.
This issue was found by Aviatrix and reported to PwC. Due to the severity of the issue, the researcher was awarded a bounty of $250.
CVE-2022-35043 An attacker sent a large amount of data to the OTFCCDUMP+0x6c08a6 function which was then used to overflow a heap buffer.
This issue could be exploited by loading a maliciously crafted .otf file and could potentially lead to arbitrary code execution. As a mitigation measure, all
CVE-2022-3502 A vulnerability was found in Human Resource Management System 1.0. It is problematic and could be exploited to make malicious requests to sensitive parts of the application.
The security risk of this vulnerability is estimated as critical by vendors. It is assumed that a hacker may leverage this issue for cross site
CVE-2022-31130 Grafana could leak authentication tokens to older endpoints that use certain plugins.
Endpoints for data source plugins and proxies prior to 9.1.8 and 8.5.14 did not validate the HTTP header sent with the
CVE-2022-35136 Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.
This can be used to leak sensitive data or even execute arbitrary code. It’s recommended to have a security assessment for your IoT devices