CVE-2022-38340 FME Server v2021.2.5, v2022.0.0.2 older than 2021.2.5 contains a Path Traversal vulnerability.
This vulnerability can be exploited by a remote attacker to inject and execute malicious code in the context of the affected application. A successful exploit
CVE-2022-38545 Valine v1.4.18 has a RCE vulnerability that allows attackers to execute arbitrary code.
This update also fixes several bugs and provides overall improved performance. In addition, this release updates the v1.4.17 release to v1.4.18,
CVE-2022-38339 An older version of Safe Software FME Server contains a XSS vulnerability that allows attackers to execute arbitrary web scripts or HTML.
This XSS flaw may lead to information leak or may be exploited by hackers to conduct session hijacking or clickjacking. Vulnerable versions of FME Software
CVE-2022-0143 The LDAP connector with StartTLS enabled grants unauthenticated access. This started as an issue in 1.5.20.9.
All installations of IdM and RCS are vulnerable to this issue, including all versions prior to 4.0.1.10, 4.0.1.9, and
CVE-2022-23766 An input validation vulnerability allowed arbitrary file execution.
When accessing a malicious website or opening a malicious file, the user’s browser sends the request to the Internet server. The server receives the
Episode
00:00:00
00:00:00