Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2019-4588
PUBLISHED: 2021-05-26

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

CVE-2020-22015
PUBLISHED: 2021-05-26

Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.

CVE-2021-20486
PUBLISHED: 2021-05-26

IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.

CVE-2021-20487
PUBLISHED: 2021-05-26

IBM Power9 Self Boot Engine (SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.

CVE-2021-20492
PUBLISHED: 2021-05-26

IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 197793.
