Mes: mayo 2020

New vulnerability on the NVD: CVE-2019-20804

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.

Published at: May 21, 2020 at 06:15PM
View on website

from WordPress https://bit.ly/2XgNDmQ
via IFTTT

from Blogger https://bit.ly/2LQWczC
via IFTTT

New vulnerability on the NVD: CVE-2020-0901

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’.

Published at: May 21, 2020 at 07:15PM
View on website

from WordPress https://bit.ly/3ecWGfh
via IFTTT

from Blogger https://bit.ly/2TveElp
via IFTTT

New vulnerability on the NVD: CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets., aka ‘Windows Hyper-V Denial of Service Vulnerability’.

Published at: May 21, 2020 at 07:15PM
View on website

from WordPress https://bit.ly/2A2qdtG
via IFTTT

from Blogger https://bit.ly/3gebUTm
via IFTTT

New vulnerability on the NVD: CVE-2020-0963

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.

Published at: May 21, 2020 at 07:15PM
View on website

from WordPress https://bit.ly/3g6Bbih
via IFTTT

from Blogger https://bit.ly/2TJsSiX
via IFTTT

New vulnerability on the NVD: CVE-2020-1010

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka ‘Microsoft Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.

Published at: May 21, 2020 at 07:15PM
View on website

from WordPress https://bit.ly/2WQzaz5
via IFTTT

from Blogger https://bit.ly/3e5zyj1
via IFTTT