Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29248PUBLISHED: 2022-05-25
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to ...
CVE-2022-29402PUBLISHED: 2022-05-25TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.
CVE-2021-27783PUBLISHED: 2022-05-25User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
CVE-2021-27779PUBLISHED: 2022-05-25VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.
CVE-2021-44719PUBLISHED: 2022-05-25Docker Desktop 4.3.0 has Incorrect Access Control.
User Rank: Apprentice
1/9/2019 | 5:42:17 AM
Marriott also believes that about 5.25 million unencrypted passport numbers were included in those records. Approximately 20.3 million encrypted passport numbers were also compromised.
Additionally, approximately 8.6 million encrypted payment cards were involved in the breach, but there is no evidence that the hackers have the mechanism to decrypt those numbers. This was the news that has been disclosed by marriot on november