Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-46965 (PUBLISHED: 2023-02-02): PrestaShop module, totadministrativemandate before v1.7.1 was discovered to contain a SQL injection vulnerability.
CVE-2023-0642 (PUBLISHED: 2023-02-02): Cross-Site Request Forgery (CSRF) in GitHub repository squidex/squidex prior to 7.4.0.
CVE-2023-0643 (PUBLISHED: 2023-02-02): Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0.
CVE-2020-24307 (PUBLISHED: 2023-02-02): An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file.
CVE-2022-43665 (PUBLISHED: 2023-02-02): A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target process. An attacker can provide a malicious file to trigger this vulnerability.
2/28/2019 | 9:35:01 PM
Yes, there are deficiencies. But I believe it to be a better allocation of funding to try and create more proficient and consistent coding than trying to throw bodies at it retroactively for review. I understand that if there is a shortage in one security facet then it may persist into others. But coders and app dev individuals that could be helpful in this endeavor are not part of that shortage.
Respectfully, I understand your inquiry. But I'm a Security Engineer. Crafting solutions is part of my day-to-day and this is again just one person's opinion at a plausible solution. Without attempting any solutions, we will all pontificate until this article is re-written in the years to come.