CVE-2022-31678 - Breaking Down the VMware Cloud Foundation NSX-V XXE Vulnerability
In late 2022, VMware disclosed a notable security flaw: CVE-2022-31678. This vulnerability affects VMware Cloud Foundation systems running the NSX for vSphere (NSX-V) network virtualization
CVE-2021-46849 - XXE Vulnerability in pikepdf's XMP Metadata Parsing (Before v2.10.) - Deep Dive, Exploit Details, and How to Stay Safe
In the world of PDF processing, Python's pikepdf library has made a name for itself as a go-to tool for working with PDF
CVE-2022-43028 Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 has a stack overflow via the timeZone parameter.
This issue was reported to have been fixed in version 16.03.11.10. Tenda US versions are vulnerable to XXE attacks. Remote attackers can
CVE-2022-43430 Jenkins Compuware Topaz 2.4.8 and earlier does not configure its XML parser to prevent XXE attacks.
In certain situations, Jenkins may be exposed to a high risk of XXE attacks when it is processing untrusted inputs, such as XML configuration files.
CVE-2022-42114 An XSS vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 through 7.4.3.36 and Liferay DXP 7.4 before update 37 allows remote attackers to inject arbitrary web script or HTML.
This issue is due to insufficient sanitization of user input before placing it into the database. As a result, a user with administrative privileges can
Episode
00:00:00
00:00:00