Day: Ağustos 10, 2022

CVE-2022-2458

XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application’s processing of XML data. This attack occurs when XML…

Devamını oku

CVE-2022-23238

Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability…

Devamını oku

CVE-2022-22983

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may…

Devamını oku

CVE-2022-20361

In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation…

Devamını oku

CVE-2022-20360

In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional…

Devamını oku

CVE-2022-20359

In various methods of NotificationManagerService.java, there is a possible way to view notifications while lockdown is enabled due to a permissions bypass. This could lead…

Devamını oku

CVE-2022-20358

In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead…

Devamını oku