NVD disclosure day

Published threat advisories for December 11, 2020

CVE advisoryKnown Exploit

CVE-2020-29574

Cyberoam OS WebAdmin SQL Injection Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

An SQL injection vulnerability in Cyberoam OS WebAdmin allows unauthenticated remote execution of SQL commands. This impacts organizations by potentially compromising data confidentiality and integrity, leading to unauthorized access or system control. The realistic business risk involves potential data breaches and di

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2020-17530

Apache Struts Remote Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Organizations using specific versions of Apache Struts or certain Oracle products face a risk of remote code execution. This occurs due to a vulnerability that allows attackers to inject and evaluate malicious code. Successful exploitation can lead to compromised systems, data breaches, and service disruption, impactin

NVD published: • CISA KEV