high level vulnerability in Microsoft Corporation(part3)

CVE-2022-20803 Description A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this […]

CVE-2022-3724 Description Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows Base Score: 7.5 HIGH https://www.wireshark.org/security/wnpa-sec-2022-08.html ____________________________ CVE-2022-46829 Description In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented. Base Score: 8.8 HIGH […]

CVE-2020-14349 Description It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. Base Score: 7.1 […]