NVD disclosure day
CVE-2024-38475
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A flaw in Apache HTTP Server's mod_rewrite allows attackers to map URLs to unintended filesystem locations, potentially leading to code execution or source code disclosure. This poses a business risk through unauthorized access and sensitive data exposure.
CVE-2024-20399
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Cisco NX-OS allows authenticated administrators to execute arbitrary commands as root. This impacts organizations by potentially compromising operating system control on affected devices. Business risk is present for organizations with these systems.
CVE-2024-36401
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in GeoServer allows unauthenticated attackers to execute arbitrary code. This impacts organizations using GeoServer for geospatial data sharing, posing a business risk through potential system compromise.