Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9754PUBLISHED: 2022-06-27NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.
CVE-2022-33146PUBLISHED: 2022-06-27Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
CVE-2022-33202PUBLISHED: 2022-06-27
Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlier and L2Blocker(Cloud) Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative pat...
CVE-2022-2206PUBLISHED: 2022-06-26Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-30932PUBLISHED: 2022-06-26** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
User Rank: Ninja
1/29/2018 | 11:11:31 PM
Depends on the bad guy. Your run-of-the-mill thief deals with volume -- and is therefore looking for low-hanging fruit. A nation-state, on the other hand, operates under an entirely different "business model" -- and therefore has both the incentive and the resources to do this kind of in-depth research.