Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31650PUBLISHED: 2022-05-25In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
CVE-2022-31651PUBLISHED: 2022-05-25In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.
CVE-2022-29256PUBLISHED: 2022-05-25
sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` e...
CVE-2022-26067PUBLISHED: 2022-05-25
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnera...
CVE-2022-26077PUBLISHED: 2022-05-25
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff networ...
User Rank: Apprentice
5/24/2018 | 5:19:27 PM
IoT and the cloud are sources of concern. IoT is a target and a tool of crackers who is it in DDoS attacks. The security vulnerabilities inherent in IoT will grow exponentially with the skyrocketing device count. You are indeed responsible for securing your data and the paths it takes into and within the cloud. Know your cloud vendor, what you need from them, and that they can and will provide the several security measures and assurances you require. Use audits, insurance, and other tools to manage the risks of the cloud.