Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-1809PUBLISHED: 2022-05-21Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.
CVE-2022-31267PUBLISHED: 2022-05-21Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "#admin"' value.
CVE-2022-31268PUBLISHED: 2022-05-21A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
CVE-2022-31264PUBLISHED: 2022-05-21Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program.
CVE-2022-31259PUBLISHED: 2022-05-21The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1).
User Rank: Strategist
10/24/2016 | 2:30:34 PM
Individual users of internet, which includes everyone, your five year old, your grandma and adults who are PhDs or high school drop outs are involved and active stakeholders as smartphone, laptop or IoT users and can very seriously impact cyber defenses of shared infrastructure, examples of which we have seen recently.
Basic internet protection education should be part of elementary school education.