Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-43762PUBLISHED: 2023-02-08Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages
CVE-2022-43763PUBLISHED: 2023-02-08Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07.
CVE-2022-43764PUBLISHED: 2023-02-08Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code.
CVE-2022-43765PUBLISHED: 2023-02-08B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service.
CVE-2022-2094PUBLISHED: 2023-02-08The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting
User Rank: Apprentice
6/24/2015 | 1:35:07 PM
If something is vulnerable then you need to change it, trying to guess what the exploit will look like is often impossible or it just cannot be done from an external attack.
I would rather defend against an attack that is out there in the wild than something I might be vulnerable. I want to know does my IDS recognise real attacks and not spend my time guessing what an attack might look like. So, I defed against knives and guns but the Martian ray gun, not until one exists.