Enterprise Vulnerabilities

From DHS/US-CERT's National Vulnerability Database

PUBLISHED:

2020-09-24

The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.



PUBLISHED:

2020-09-24

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CW...



PUBLISHED:

2020-09-24

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CW...



PUBLISHED:

2020-09-23

An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. T...



PUBLISHED:

2020-09-23