Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31650PUBLISHED: 2022-05-25In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
CVE-2022-31651PUBLISHED: 2022-05-25In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.
CVE-2022-29256PUBLISHED: 2022-05-25
sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` e...
CVE-2022-26067PUBLISHED: 2022-05-25
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnera...
CVE-2022-26077PUBLISHED: 2022-05-25
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff networ...
User Rank: Ninja
1/21/2018 | 3:50:37 PM
Immediately following the public announcement of the ban on federal use, they encouraged the private sector to move away from KL products.
Every sovereign government has the right, even the obligation, to regulate the tools its officials can or should use, as much as they should regulate who and what crosses their borders. If the US has concerns about private sector data governance (data which is transmitted through or stored in foreign territories - as they should), it is that fact, not the location of a company's headquarters, which ought to guide their policies.