Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2287PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-34911PUBLISHED: 2022-07-02
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the usern...
CVE-2022-34912PUBLISHED: 2022-07-02An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
CVE-2022-34913PUBLISHED: 2022-07-02** DISPUTED ** md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input.
CVE-2022-2286PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
User Rank: Apprentice
2/17/2019 | 1:26:23 AM
How did I engage? I tried to help a friend, inserted my usb stick, turned on the internet as it was needed for my action and Gradcrab 5.1 activated.
I didn't realize it until I noticed that some files from my usb stick changed names.
I was also amazed by the led of usb stick running wild after turning internet on. I knew something was wrong. That was the crypting doing its job.
In 3 minutes the entire folders with txt, docs and zip files were damaged / encrypted.
Luckly I had backups and so my friend, but one thing is obvious: Windows Defender defended NOTHING.
Other systems from same place with Bitdefender installed with Antiransomware and preboot options active were protected.
This is not advertising to this AV provider, it's just a happy case with one damaged computer from 7.
We saved some encrypted files for future use and see if any decryptor will help, but it will be at least 6 months until one will be public.
Thank you