Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-41620 | PUBLISHED: 2023-02-08 | Cross-Site Request Forgery (CSRF) vulnerability in SeoSamba for WordPress Webmasters plugin <= 1.0.5 versions.
CVE-2023-0747 | PUBLISHED: 2023-02-08 | Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
CVE-2022-43762 | PUBLISHED: 2023-02-08 | Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages.
CVE-2022-43763 | PUBLISHED: 2023-02-08 | Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07.
CVE-2022-43764 | PUBLISHED: 2023-02-08 | Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code.
User Rank: Ninja
9/4/2015 | 5:39:26 AM
Another important factor: crisis response. Adobe presents a great example of what not to do. With their major breach a while back, the company first estimated that just under 3 million customers had been impacted. They later amended that number to at least 38 million. Eventually, it was revealed that more than 150 million customers' information was compromised.
Not good for business.