NVD disclosure day

Published threat advisories for June 7, 2024

CVE advisoryKnown Exploit

CVE-2024-4610

Arm GPU Kernel Driver Memory Access Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Arm GPU kernel drivers allows local users to access freed memory, posing a risk of unauthorized data access and system compromise. This impacts organizations by potentially exposing sensitive data and disrupting operations. The vulnerability is listed in the known exploited vulnerabilities catalog.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-37383

Roundcube Webmail XSS Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A cross-site scripting vulnerability in Roundcube Webmail allows for unauthorized code execution, impacting organizations using the affected software. This flaw, residing in SVG animate attributes, poses a risk of user data compromise or further malicious actions by attackers. Organizations should apply vendor fixes to

NVD published: • CISA KEV