Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-23087PUBLISHED: 2023-02-03An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function.
CVE-2023-23088PUBLISHED: 2023-02-03Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an attacker to execute arbitrary code via the json_value_parse function.
CVE-2023-0659PUBLISHED: 2023-02-03
A vulnerability was found in BDCOM 1704-WGL 2.0.6314. It has been classified as critical. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VD...
CVE-2023-23086PUBLISHED: 2023-02-03Buffer OverFlow Vulnerability in MojoJson v1.2.3 allows an attacker to execute arbitrary code via the SkipString function.
CVE-2021-37519PUBLISHED: 2023-02-03Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file.
User Rank: Apprentice
6/12/2017 | 9:19:32 AM
The OpenC2 work represents a long-standing collaboration by a large number of vendors, enterprises, government agencies, and academic institutions. This effort has reached a sufficient level of maturity that the consortium recently moved their work into an OASIS technical committee in order to promulgate an official open standard to accelerate security automation in an interoperable fashion.
Because DarkReading's comment system doesn't allow urls in comments, herewith useful references:
* openc2[dot]org
* www[dot]oasis-open[dot]org/apps/org/workgroup/openc2/#overview