NVD disclosure day

Published threat advisories for June 11, 2018

CVE advisoryKnown Exploit

CVE-2018-6961

VMware NSX SD-WAN Command Injection Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

VMware NSX SD-WAN Edge has a command injection vulnerability in its local web UI, which could allow remote code execution. This component is disabled by default, limiting realistic business risk unless intentionally enabled on untrusted networks. Successful exploitation could impact systems and data.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2016-9079

SVG Animation Vulnerability in Mozilla Browsers and Thunderbird

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in SVG Animation could allow unauthorized access to data if users interact with malicious content. An exploit targeting specific browsers on Windows has been observed, presenting a business risk of data compromise. Organizations should identify and mitigate affected systems.

NVD published: • CISA KEV