CVE-2022-45206 Jeecg-boot v3.4.3 had a SQL injection vulnerability.
This can be exploited to get database information or perform other attacks. Jeecg-boot v3.4.3 is installed on the following products. - Hewlett Packard
CVE-2022-3980 V5.0.0 - 9.7.4 Sophos Mobile on-premises has XEE SSRF and potential code execution vulnerabilities.
This vulnerability is an XML External Entity (XEE) issue. In order to exploit this issue, an attacker must be able to perform client-side request forgery (CSRF)
CVE-2022-45389 A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs for an attacker-specified repository.
The issue is caused by a missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier. When installing this plugin, an attacker could specify
CVE-2022-33908 DMA transactions could corrupt SMRAM through a TOCTOU attack.
CVE-2018-3615 was assigned to this issue. Note that this issue does not affect x86 processors with hyperthreading enabled. It is not expected to be exploitable
CVE-2022-45136 Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker controls the JDBC URL or causes the underlying database server to return malicious data.
Apache Jena TDB is a drop-in replacement for Apache Jena SDB and can be used in the same applications without any changes required. The Apache