CVE-2022-29097 Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API
Dell WMS 3.6.2 and onwards contains a Cross-site Request Forgery (CSRF) vulnerability in the Configuration API. A malicious user could potentially exploit this
CVE-2022-22977 VMware Tools contains an XXE vulnerability.
XXE is a type of cross-site scripting (XSS) vulnerability that occurs when untrusted data is fed into a web application. Depending on the context in
CVE-2022-0070 Incomplete fix for CVE-2021-3100
This will ensure that the target JVMs are isolated from each other and that the hotpatch cannot be applied to a process that is already
CVE-2022-28219 Cewolf in Zoho ManageEngine ADAudit Plus is vulnerable to an XXE attack that leads to RCE.
It is recommended that you upgrade your Zoho ManageEngine ADAudit Plus installation to version 7060 as soon as possible. This update fixes the XXE vulnerability
CVE-2022-23031: XXE Vulnerability in BIG-IP FPS, ASM, and Advanced WAF - Exploit Details and Mitigation Steps
A recent XML External Entity (XXE) vulnerability, dubbed CVE-2022-23031, has been discovered affecting BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.
Episode
00:00:00
00:00:00