NVD disclosure day
CVE-2024-8957
Halo Surface Signal: 3 out of 5 — possibly public-facing.
Affected PTZOptics cameras allow attackers to execute arbitrary commands by exploiting an OS command injection vulnerability. This could lead to unauthorized access and control of camera systems. Risk involves potential compromise of connected infrastructure.
CVE-2024-8956
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An authentication vulnerability in PTZOptics cameras allows remote attackers to access sensitive data and alter configurations, posing a business risk of data exposure and system compromise.
CVE-2024-38813
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A privilege escalation vulnerability in vCenter Server allows attackers with network access to gain root privileges, potentially compromising systems and data. This poses a business risk through unauthorized control.
CVE-2024-38812
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A heap-overflow vulnerability in VMware vCenter Server's DCERPC protocol implementation allows for remote code execution. This impacts organizations by enabling attackers with network access to potentially compromise systems, leading to data breaches or operational disruptions. The business risk is high due to the expl
CVE-2024-7873
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A flaw in the Veribase Order system allows attackers to inject malicious scripts, potentially exposing data and disrupting operations. This could impact employees and systems, posing a business risk.