Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-45786PUBLISHED: 2023-02-04
There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition ...
CVE-2023-22849PUBLISHED: 2023-02-04
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling Ap...
CVE-2023-25193PUBLISHED: 2023-02-04hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
CVE-2023-0676PUBLISHED: 2023-02-04Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1.
CVE-2023-0677PUBLISHED: 2023-02-04Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1.
User Rank: Apprentice
3/18/2017 | 9:56:36 AM
An in-depth discussion (very well worth the read fro anyone interested in cyber-security) of the issues with Consumer Reports entry into ratings is availablwe for free at the Ceritude Digital webste. From their main page on that site, go to the footer links at the bottom of the page and select the link labeled "Blog (from our CTO)". Library". Near the top of the blog is an article entitled "Should Consumer Reports Set Cybersecurity Standards?"
Alternatively, you can go to F. Scott Deaver's LinkedIn page and look for the "Should Consumer Reports Set Cybersecurity Standards?" topic among his other articles.