Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2287PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-34911PUBLISHED: 2022-07-02
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the usern...
CVE-2022-34912PUBLISHED: 2022-07-02An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
CVE-2022-34913PUBLISHED: 2022-07-02** DISPUTED ** md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input.
CVE-2022-2286PUBLISHED: 2022-07-02Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
User Rank: Ninja
6/30/2019 | 2:57:58 PM
This something the IT Security consultant should be aware and knowledgeable as well - https://web.mit.edu/rhel-doc/5/RHEL-5-manual/Deployment_Guide-en-US/rhlcommon-chapter-0001.html
Auditing at the filesystem, file execution and kernel layer. In addition, if a file entered into the filesystem, this would be identified and not allowed to process because it is not part of the SeLinux profile.
Todd