NVD disclosure day
CVE-2019-17621
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A vulnerability in certain D-Link routers allows unauthenticated remote attackers to execute system commands as root. This could lead to a compromise of the affected devices and the data they handle. Organizations should prioritize applying vendor updates or discontinuing use if updates are unavailable.
CVE-2019-17558
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Apache Solr's VelocityResponseWriter could allow attackers to execute arbitrary code on affected systems. This impacts the confidentiality, integrity, and availability of data and systems by enabling unauthorized code execution. The business risk is elevated due to the potential for system compromise
CVE-2019-20085
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
Directory traversal vulnerabilities in TVT NVMS-1000 devices allow unauthorized file access. This can lead to data breaches and impact information confidentiality. The CVE is listed in the known exploited vulnerabilities catalog.