CVE-2022-40747 IBM InfoSphere Information Server is vulnerable to an XML External Entity Injection attack. An attacker could exploit this to reveal sensitive information or consume memory resources.
Information on possible vectors of attack and fixes can be found here. Information on possible vectors of attack and fixes can be found here. CVE-2018-3092
CVE-2022-38712: A Deep Dive into the SOAPAction Spoofing Vulnerability Affecting IBM WebSphere Application Server
IBM WebSphere Application Server is a widely used software that provides a flexible, secure Java server runtime environment for enterprise applications. Recently, a security vulnerability,
CVE-2022-21622 The Oracle SOA Suite product is affected by a vulnerability in the Adapters component. The vulnerable versions are 12.2.1.3.0 and 12.2.1.4.0.
Oracle SOA Suite versions affected: Oracle SOA Suite 12.2.1.3.0 Oracle SOA Suite 12.2.1.4.0 Fix information: Apply the
CVE-2022-40705 An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP 2.2 and later versions.
The most common attack scenario is an unauthenticated remote code execution. Due to the fact that RPCRouterServlet is not protected by a filter, an attacker
CVE-2022-39817 Multiple SQL Injection vulnerabilities occur in NOKIA 1350 OMS R14.2 cgi-bin/R14.2/easy1350.pl id or host or cgi-bin/R14.2/cgi-bin/R14.2/host.pl host.pl
An attacker can leverage these issues to execute SQL commands or view sensitive information. In addition, there are multiple XSS vulnerabilities in the /cgi-bin/R14.
Episode
00:00:00
00:00:00