Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2838PUBLISHED: 2022-08-16In Eclipse Sphinxâ„¢ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.
CVE-2022-35734PUBLISHED: 2022-08-16'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
CVE-2022-36293PUBLISHED: 2022-08-16Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors.
CVE-2022-36344PUBLISHED: 2022-08-16
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed wit...
CVE-2022-36381PUBLISHED: 2022-08-16OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.
User Rank: Ninja
4/30/2017 | 6:11:17 PM