Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29248PUBLISHED: 2022-05-25
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to ...
CVE-2022-29402PUBLISHED: 2022-05-25TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.
CVE-2021-27783PUBLISHED: 2022-05-25User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
CVE-2021-27779PUBLISHED: 2022-05-25VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.
CVE-2021-44719PUBLISHED: 2022-05-25Docker Desktop 4.3.0 has Incorrect Access Control.
User Rank: Apprentice
6/29/2015 | 2:08:04 PM