Sophos discovered an XG Firewall v17.x vulnerability regarding access to physical and virtual units configured with the user portal exposed on the WAN. This was a previously unknown buffer overflow vulnerability in the user portal HTTP/S bookmark feature.
Apache released a security advisory to address a vulnerability in Apache Tomcat where an attacker could exploit this vulnerability to cause a denial-of-service condition.
CVE-2020-1441 | Windows Spatial Data Service Elevation of Privilege Vulnerability. An elevation of privilege vulnerability exists when the Windows Spatial Data Service improperly handles objects in memory. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application.
June 18, 2020
Trend Micro has released Critical Patches (CP) for Trend Micro Apex One and OfficeScan XG that resolve multiple vulnerabilities in the product – including some critical (CVSS 9.1 & 10) ones.