Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31104PUBLISHED: 2022-06-28
Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x86_64 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs...
CVE-2022-34132PUBLISHED: 2022-06-28Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php.
CVE-2022-34133PUBLISHED: 2022-06-28Benjamin BALET Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php.
CVE-2022-34134PUBLISHED: 2022-06-28Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /application/controllers/Users.php.
CVE-2022-31099PUBLISHED: 2022-06-27
rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a s...
User Rank: Apprentice
1/12/2021 | 4:52:48 AM
When adopting cloud solutions, many organizations fail to balance the benefits of the cloud against the cloud security threats and challenges they may face.
But the major question to ask is, who is responsible for security in the cloud?
Being an entrepreneur I had to go through the same especially in this lockdown. I also tried many solutions but it was expensive for a start-up like mine. I finally landed in some free solutions with a limited number of otp users and quite satisfied till now.