Published threat advisories for June 9, 2020

A vulnerability in the Windows kernel allows for privilege escalation when objects are improperly handled in memory. This could enable an attacker with local access to execute code with elevated privileges, potentially impacting system control and data.

NVD published: June 9, 2020 • CISA KEV

A memory consumption flaw in Apple operating systems may allow attackers to cause heap corruption by processing a crafted email. This could impact system availability and disrupt operations for affected organizations. The risk is rated medium and requires user interaction for exploitation.

NVD published: June 9, 2020 • CISA KEV

A vulnerability in Apple's mail client allows attackers to modify application memory or cause crashes by processing a crafted email. This impacts iOS, iPadOS, and watchOS. Business risk includes potential data corruption and application instability.

NVD published: June 9, 2020 • CISA KEV

Roundcube Webmail has a cross-site scripting flaw allowing malicious XML attachments to compromise user sessions and data. This impacts organizations using the email client, posing a risk to data integrity and authorized actions within the system. Mitigation involves applying vendor updates.

NVD published: June 9, 2020 • CISA KEV