Cyber Security

Barnes & Noble Warns Customers About Data Breach


Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-27197
PUBLISHED: 2020-10-17

** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is used for the XML parser. NOTE: the vendor points out that the parse method "wrap…

CVE-2020-1047
PUBLISHED: 2020-10-16

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka ‘Windows Hyper-V Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1080.

CVE-2020-1080
PUBLISHED: 2020-10-16

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka ‘Windows Hyper-V Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1047.

CVE-2020-1167
PUBLISHED: 2020-10-16

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka ‘Microsoft Graphics Components Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-16923.

CVE-2020-1243
PUBLISHED: 2020-10-16

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual…



 

We Thank To Our Readers For Your All Contributes. We Still Seek Your Support In Pandemic CoronaVirus.
Donate Bellow For Better Future

[charitable_donation_form campaign_id=57167]

 

Source link

Back to top button
SoundCloud To Mp3