CVE-2022-33639 - Elevation of Privilege in Microsoft Edge (Chromium) – What You Need to Know
In the relentless landscape of tech security, browser vulnerabilities are especially dangerous because they target software millions use daily. Let's take an in-depth
CVE-2022-32994 An arbitrary file upload vulnerability was found in Halo CMS v1.5.3.
An attacker could leverage this vulnerability to execute code on the affected system or obtain sensitive information. The security risk of malicious file uploads is
CVE-2022-34305 Tomcat versions 10.1.0 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 do not filter user provided data, which exposes a XSS vulnerability.
This has been fixed in these versions. Apache Tomcat 9.0.0-M1, 8.5.0-8, 8.0.18, 7.x versions and earlier are vulnerable.
CVE-2022-32973 An attacker could create an audit file to bypass PowerShell cmdlet checks and execute commands with administrator privileges.
This can be done by injecting malicious code into the PowerShell audit policy configuration or by using a crafted audit policy that is signed by
CVE-2022-33995 An issue in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location.
An attacker can leverage this vulnerability to perform remote code execution. Remote attackers can host malicious DLLs in the server’s entry attachments and convince
Episode
00:00:00
00:00:00