NVD disclosure day

Published threat advisories for April 30, 2019

CVE advisoryKnown Exploit

CVE-2019-3929

Remote Command Execution in Presentation Systems

Halo Surface Signal: 3 out of 5 — possibly public-facing.

Certain wireless presentation systems have a command injection vulnerability. Attackers can exploit this to run commands with administrative privileges on affected devices, leading to unauthorized system control and potential data compromise. The risk to business operations is significant due to the ease of exploitatio

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2019-9621

Zimbra Collaboration Suite SSRF Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Zimbra Collaboration Suite is affected by a Server-Side Request Forgery vulnerability in its ProxyServlet component. This can allow unauthorized access to information or service disruption. Given its inclusion on the Known Exploited Vulnerabilities catalog, immediate attention is warranted.

NVD published: • CISA KEV