Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-42585 PUBLISHED: 2022-05-23
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-42586 PUBLISHED: 2022-05-23
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2022-1825 PUBLISHED: 2022-05-23
Cross-site Scripting (XSS) - Reflected in GitHub repository collectiveaccess/providence prior to 1.8.
CVE-2022-28874 PUBLISHED: 2022-05-23
Multiple Denial-of-Service vulnerabilities were discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attack...
CVE-2022-29599 PUBLISHED: 2022-05-23
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
User Rank: Ninja
7/24/2017 | 1:44:02 PM
This makes sense. They just need to use some special characters to make it complex.