Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-25878PUBLISHED: 2022-05-27
The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype.
This vulnerability can occur in multiple ways:
1. by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption ...
CVE-2021-27780PUBLISHED: 2022-05-27The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVE-2021-27781PUBLISHED: 2022-05-27The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
CVE-2022-1897PUBLISHED: 2022-05-27Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-20666PUBLISHED: 2022-05-27
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
These vulnerabilities are due to insufficient va...
User Rank: Ninja
10/30/2016 | 12:41:23 PM
Considering they telephoned me, and considering that the number they were calling from was not a telephone number known to me to be associated w/ my carrier, I refused. The huffy person on the other end of the line appeared put out.
I then called my insurance company on the number I knew to be correct to ask them about it. Unfortunately, it's such a big bureaucracy that I couldn't even get through to someone who could even tell me whether or not the call was legitimate for sure.
Because my insurance company was so bureaucratic and stupid, I wouldn't put it past them to have such stupid practices -- but it's also just as likely (at least) that it was a malfeasor's bit of social engineering. In any case, nothing bad happened to me because I refused to "verify" my information.
People calling you asking you to "verify" your information is the slightly more sophisticated social-engineering equivalent of someone calling you and after you say hello, the other person on the line immediately says, "Who's this?" YOU CALLED ME. >:P