Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2287PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-34911PUBLISHED: 2022-07-02
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the usern...
CVE-2022-34912PUBLISHED: 2022-07-02An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
CVE-2022-34913PUBLISHED: 2022-07-02** DISPUTED ** md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input.
CVE-2022-2286PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
User Rank: Strategist
6/1/2014 | 2:13:10 PM
A simple terminal connects to the processor, transfers the card data, gets a response, and done. There is no client side data collection.
I guess I'm not sure why Target & Michaels need to store this data. My capitol one card was comprimised at some point in the last year. When I talked to them, I asked which CV code was used, and they said the CV (swiped code), not the 3 digit CVV2, which means mine was most likely one from the Target hack.
I guess I can see why a company like Target would want to dbase my name and address for marketing purposes, but databasing my finacial information without my concent should be illegal.