CVE-2022-37189 DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service
If external entities are not prevented from being loaded into an application, then they can be used to corrupt data or cause other problems. For
CVE-2022-36773 IBM Cognos Analytics is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
In certain configurations, IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a Denial of Service (DoS) attack.
CVE-2022-29097 Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API
Dell WMS 3.6.2 and onwards contains a Cross-site Request Forgery (CSRF) vulnerability in the Configuration API. A malicious user could potentially exploit this
CVE-2022-22977 VMware Tools contains an XXE vulnerability.
XXE is a type of cross-site scripting (XSS) vulnerability that occurs when untrusted data is fed into a web application. Depending on the context in
CVE-2022-0070 Incomplete fix for CVE-2021-3100
This will ensure that the target JVMs are isolated from each other and that the hotpatch cannot be applied to a process that is already
Episode
00:00:00
00:00:00