CVE-2022-45378 Apache SOAP's RPCRouterServlet has no authentication, which gives attackers the ability to invoke methods on the classpath.
Due to the fact that Apache SOAP versions 1.2, 1.3 and 1.4 are no longer supported, this vulnerability poses a critical risk
CVE-2022-41671 An Injection CWE-89 exists in SQL Command that allows adversaries with local user privileges to craft a malicious query and execute as part of project migration.
Risk: Remote Code Execution. Exploitation of this vulnerability is possible if user inputs an SQL command that has special characters of the ‘injection’ type into
CVE-2022-35717 IBM InfoSphere Information Server could be exploited locally by sending a special request.
An attacker could exploit this vulnerability by sending a specially crafted request to the targeted system. An attacker would first have to send a crafted
CVE-2022-3640 A critical vulnerability was found in the Linux Kernel. The affected function is l2cap_conn_del of the component Bluetooth. The vulnerability leads to use after free.
Another critical issue was found in AIX. It is a vulnerability related to unauthorized program execution. Affected is the function radvd. The vulnerability is due
CVE-2022-21623 Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager. affected versions are 13.4.0.0 and 13.5.0.0
While this vulnerability does not allow unauthenticated attackers to execute code or full remote takeover of Enterprise Manager Base Platform, it can be used to
Episode
00:00:00
00:00:00