NVD disclosure day

Published threat advisories for February 27, 2020

CVE-2020-6418

Google Chrome V8 Type Confusion Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A type confusion vulnerability in the V8 engine could allow remote attackers to exploit heap corruption via a crafted HTML page. This impacts organizations using affected browsers, potentially leading to data compromise and system disruption. The business risk includes unauthorized control and data loss.

NVD published: February 27, 2020 • CISA KEV

CVE advisoryKnown Exploit

CVE-2020-3837

Apple Operating System Memory Corruption Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory corruption flaw in Apple operating systems could allow an application to execute code with kernel privileges, impacting system integrity and confidentiality. This vulnerability has been addressed in software updates.

NVD published: February 27, 2020 • CISA KEV