Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38193PUBLISHED: 2022-08-16There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that may allow a remote, unauthenticated attacker to pass strings which could potentially cause arbitrary code execution in a victims browser.
CVE-2022-38194PUBLISHED: 2022-08-16In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file.
CVE-2022-38192PUBLISHED: 2022-08-16
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the userâ€â&b...
CVE-2022-38362PUBLISHED: 2022-08-16Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
CVE-2022-30264PUBLISHED: 2022-08-16
The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer files to and from the fl...
User Rank: Strategist
9/22/2016 | 12:17:58 PM
..."
Grants totaling nearly $1 million ended up granted for five projects that are taking a community approach to addressing the nation's shortage of skilled cybersecurity employees.
The National Institute of Standards and Technology (NIST)-led National Initiative for Cybersecurity Education (NICE), a partnership between government, academia and the private sector, will oversee the grants as part of its mission to support cybersecurity education, training and workforce development....."The National Initiative for Cybersecurity Education grants support job-driven training programs designed to fill the many cybersecurity job openings in both the public and private sectors," said U.S. Secretary of Commerce Penny Pritzker.....
NIST will fund five nonprofit organizations to establish partnerships to increase the pipeline of students pursuing cybersecurity careers, help more Americans attain the skills they need for well-paying jobs in cybersecurity, and support local economic development to stimulate job growth.
The following organizations will enter into cooperative agreements with NIST:
Southwestern Ohio Council for Higher Education (SOCHE) — Central Region, Dayton, Ohio: $198,759.
Old Dominion University — Mid-Atlantic Region, Norfolk, Virginia: $199,883.
State University of New York at Albany — Northeast Region, Albany, New York: $197,085.
Chicanos Por La Causa — Southwest Region, Phoenix, Arizona: $199,808.
Pikes Peak Community College — Western Region, Colorado Springs, Colorado: $199,681......"