NVD disclosure day
CVE-2024-28987
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
SolarWinds Web Help Desk software has a hardcoded credential vulnerability allowing unauthenticated remote access and data modification. This presents a risk of unauthorized access to internal functions and data integrity for affected organizations.
CVE-2024-7971
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A type confusion vulnerability in browsers can allow attackers to exploit heap corruption via a crafted HTML page, potentially leading to data exposure and system compromise. Affected organizations face business risk due to unauthorized actions and system disruption. This vulnerability is listed on the Known Exploited
CVE-2024-7965
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A flaw in the V8 engine within Google Chrome allows remote attackers to exploit heap corruption via a crafted HTML page. This could affect organizations by potentially compromising systems and data accessed through the vulnerable browser, leading to data integrity issues and system disruption.