CVE-2022-0070 Incomplete fix for CVE-2021-3100
This will ensure that the target JVMs are isolated from each other and that the hotpatch cannot be applied to a process that is already
CVE-2022-28219 Cewolf in Zoho ManageEngine ADAudit Plus is vulnerable to an XXE attack that leads to RCE.
It is recommended that you upgrade your Zoho ManageEngine ADAudit Plus installation to version 7060 as soon as possible. This update fixes the XXE vulnerability
CVE-2022-23640 - XML Entity Expansion Vulnerability in Excel-Streaming-Reader & How to Stay Safe
If you’re working with spreadsheets in Java, you might know about Excel-Streaming-Reader. It’s a handy library that lets you read really large Excel
CVE-2022-23031: XXE Vulnerability in BIG-IP FPS, ASM, and Advanced WAF - Exploit Details and Mitigation Steps
A recent XML External Entity (XXE) vulnerability, dubbed CVE-2022-23031, has been discovered affecting BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.
CVE-2022-22531 - Unrestricted File Upload Exploit in SAP S/4HANA's F0743 Create Single Payment Application
Security researchers have recently discovered a severe vulnerability in the F0743 Create Single Payment application of SAP S/4HANA, affecting versions 100, 101, 102, 103,