NVD disclosure day

Published threat advisories for May 4, 2020

CVE advisoryKnown Exploit

CVE-2020-12641

Roundcube Webmail Code Execution Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Roundcube Webmail allows attackers to execute arbitrary code through configuration settings. This poses a significant business risk, potentially leading to system compromise and data breaches due to external exposure and ease of exploitation. Affected organizations should prioritize remediation.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2020-1631

Juniper Junos OS HTTP/HTTPS Service Vulnerability Allows File Access and Command Injection.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Juniper Junos OS allows unauthorized access to files and commands, potentially granting an attacker administrative access via J-Web. This poses a significant business risk due to potential data exposure and system compromise. Organizations should identify affected devices, disable unnecessary HTTP/HT

NVD published: • CISA KEV