NVD disclosure day

Published threat advisories for May 22, 2019

CVE-2018-7841

U.motion Builder SQL Injection Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A SQL injection vulnerability exists in U.motion Builder software. This flaw allows attackers to execute unwanted code by providing specific character inputs. The potential impact includes unauthorized code execution and system compromise. This could lead to the compromise of application integrity and confidentiality,

NVD published: May 22, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-11634

Citrix Workspace App Access Control Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Citrix Workspace App and Receiver for Windows have an access control vulnerability. This could allow attackers unauthorized access to local system resources, potentially impacting data and system integrity.

NVD published: May 22, 2019 • CISA KEV