CVE-2022-0331 Webadmin leaks serial numbers of vulnerable Sophos Firewalls. An attacker can use this to impersonate the affected device.
The device serial number is used to identify a specific device. For instance, it can be used to determine if a device is a new
CVE-2022-0549 An issue was found in GitLab CE/EE before 14.3.6, 14.4.4, 14.5.2, and earlier versions.
Possible actions that could be done by unprivileged user: - add new collaborators - change group membership - view group information - view user information
CVE-2022-24934 - How a Registry Change in Kingsoft WPS Office wpsupdater.exe Opens the Door to Remote Code Execution
Kingsoft WPS Office is a popular free office suite, but in early 2022, a big vulnerability was found in one of its components: wpsupdater.exe.
CVE-2022-22952 - File Upload Vulnerability in VMware Carbon Black App Control – How Attackers Can Take Over Windows Servers
The world of endpoint security took a big hit when CVE-2022-22952 came to light. VMware Carbon Black App Control, a product supposed to keep us
CVE-2022-27226 An issue was found in iRZ Mobile routers' /api/crontab that allows a threat actor to create a crontab entry.
This issue affects all iRZ router models.
iRZ Mobile routers running firmware up to and including 1.1.8 (released on 2019-01-04) are vulnerable. iRZ
Episode
00:00:00
00:00:00