Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-25135 PUBLISHED: 2023-02-03
vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors. The fixed versions are...
CVE-2022-4634 PUBLISHED: 2023-02-03
All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-0123 PUBLISHED: 2023-02-03
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
CVE-2023-0124 PUBLISHED: 2023-02-03
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
CVE-2023-24613 PUBLISHED: 2023-02-03
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend bin...
User Rank: Strategist
3/17/2015 | 9:34:47 PM
You have rights as a customer of organizations which failed basic security in their infrastructure. Basic prevention techniques could have made exploitation much more difficult. Do you think 1 year of credit monitoring will fully protect you? The answer is that it is not even remotely close to even the basic protection required. Identity theft may be the least of their worries. In some of these cases there are bank account numbers floating around.
This is getting to be a major confidence issue on the banking system.
At a minimum, I feel lifetime credit protection should be mandated, and the ability to pay for lifetime credit locks. That is the absolute most basic thing they should pay. What would that cost? Well, to lock credit reports is $5 or more for each one (at this time). In addition, if you want a loan or need a credit check, you have to pay for unlocks. Is it your fault you need that unlock? Demand an adequate amount of money to pay for lifetime credit locks and unlocks and credit monitoring. Even with credit locks, the credit is opened for a window of time where others could exploit it. This is serious and corporations shouldn't be trying to weasel their way out of their liability by offering one year of credit monitoring.