NVD disclosure day

Published threat advisories for December 11, 2018

CVE-2018-20062

NoneCMS Remote Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in NoneCms allows remote attackers to execute arbitrary code. This impacts system integrity and data confidentiality, posing a business risk of unauthorized access and service disruption. Updates are available.

NVD published: December 11, 2018 • CISA KEV

CVE advisoryKnown Exploit

CVE-2018-17480

Google Chrome Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in the V8 JavaScript engine allows remote attackers to execute code via a crafted HTML page. This impacts organizations by enabling potential system compromise. The realistic business risk includes unauthorized code execution within a sandbox environment.

NVD published: December 11, 2018 • CISA KEV