Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36192PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193PUBLISHED: 2021-01-18Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343PUBLISHED: 2021-01-18Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
User Rank: Strategist
6/10/2014 | 12:20:54 AM
you are trying to argue that the outcome of Snowden's actions...which you happen to approve...mitigate the transgressions. not going to fly. he signed an oath. he violated that oath and a multitude of security commitments with KNOWN penalties he agreed to IN ADVANCE of receiving access.
- his actions were pre-meditated
- the "weighting" seems to conveniently miss the fact that he exploited not only his employer/customer....but his teammates as well. the notion that he, in this instance, acted as a beacon of virtue is patently false.
- what NSA, any other organization or person has done is irrelevant to Snowden's culpability.
we can save for another time discussing the laughable circumstances of where he fled to and ensuing actions. yup...pure as a new-born baby's bottom!!
in the end...what you're really arguing is an ancient meme: the ends justify the means. I'd be careful with that one...it is, perhaps, too flexible a rule to live by.