DHS Warns of Increasing Emotet Risk

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-14885 PUBLISHED: 2020-01-23

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information...

CVE-2019-17570 PUBLISHED: 2020-01-23

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target an XML-RPC client, causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue...

CVE-2020-6007 PUBLISHED: 2020-01-23

Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.

CVE-2012-4606 PUBLISHED: 2020-01-23

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

CVE-2012-5340 PUBLISHED: 2020-01-23

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.



