Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-28200PUBLISHED: 2022-07-02
NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can ext...
CVE-2022-32551PUBLISHED: 2022-07-02Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml).
CVE-2022-32411PUBLISHED: 2022-07-01An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412PUBLISHED: 2022-07-01An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903PUBLISHED: 2022-07-01GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
User Rank: Strategist
5/3/2019 | 8:03:49 AM
At the end of the day, the human factor is the catch all and recognizing that you should 'not' click on that link is the ultimate security measure to prevent a breach.