Dark Reading | Security | Protect The Business

0
213
Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-13659
PUBLISHED: 2020-06-02

address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.

CVE-2020-10703
PUBLISHED: 2020-06-02


A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like …

CVE-2020-10739
PUBLISHED: 2020-06-02


Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, …

CVE-2020-10136
PUBLISHED: 2020-06-02


Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an…

Read More…