Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2285PUBLISHED: 2022-07-02Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVE-2022-2284PUBLISHED: 2022-07-02Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-33014PUBLISHED: 2022-07-02** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2022-33015PUBLISHED: 2022-07-02** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2022-33016PUBLISHED: 2022-07-02** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
User Rank: Strategist
5/4/2021 | 4:13:24 PM
Even if we replaced most web authentication with client side PKI, most users would still likely be using a master password for their private keystore. And personally, I think they should/could have done over a decade ago, if they had tweaked TLS (or simply added a PKI http auth type to go along side "basic" and "digest") that made it easier to integrate PKI auth with the way normal user/password works.
So there's my $0.07 ($0.02, adjusted for inflation).