NVD disclosure day

Published threat advisories for October 21, 2020

CVE advisory | Known Exploit

CVE-2020-3580

Cisco ASA/FTD Web Interface Cross-Site Scripting Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Web services interfaces in Cisco ASA and FTD software have vulnerabilities that permit remote attackers to execute cross-site scripting attacks. This could result in the execution of malicious scripts or access to sensitive browser data. Affected organizations should apply vendor-provided updates.

• CISA KEV

CVE advisory | Known Exploit

CVE-2020-14883

Oracle WebLogic Server Console Vulnerability Allows System Compromise.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Oracle WebLogic Server's Console component allows a highly privileged attacker with network access to take over the server. This can lead to impacts on confidentiality, integrity, and availability, posing a significant business risk.

• CISA KEV

CVE advisory | Known Exploit

CVE-2020-14882

Oracle WebLogic Server Console Vulnerability Allows Server Takeover.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Oracle WebLogic Server allows unauthenticated attackers to take over the server. This could lead to a complete compromise of affected systems, impacting data confidentiality, integrity, and availability. The risk to business operations and data is significant given the potential for a full server tak

• CISA KEV

CVE advisory | Known Exploit

CVE-2020-14871

Oracle Solaris Authentication Vulnerability Impacts Systems

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in Oracle Solaris may allow an unauthenticated attacker with network access to compromise the operating system. This could lead to a takeover of the affected system and impact other connected products. Organizations should identify and address vulnerable Oracle Solaris systems.

• CISA KEV

CVE advisory | Known Exploit

CVE-2020-14864

Oracle Business Intelligence Enterprise Edition Unauthorized Data Access Advisory

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Oracle Business Intelligence Enterprise Edition allows unauthenticated attackers with network access to obtain unauthorized access to critical data, potentially compromising all accessible information. This poses a significant business risk to organizations using the affected product by impacting dat

• CISA KEV