US-CERT Bulletins

CISA Bulletins

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

Vulnerability Summary for the Week of May 25, 2020

Author: CISA
Posted: June 1, 2020, 10:25 am
Original release date: June 1, 2020

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
adminpanel -- adminplanel
 
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter. 2020-05-24 7.5 CVE-2020-13433
MISC
MISC
apache -- kylin
 
Kylin has some restful apis which will concatenate os command with the user input string, a user is likely to b...

Read More

Vulnerability Summary for the Week of May 18, 2020

Author: CISA
Posted: May 25, 2020, 10:33 am
Original release date: May 25, 2020


The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
amd -- overdrive
 
An is...

Read More

Vulnerability Summary for the Week of May 11, 2020

Author: CISA
Posted: May 18, 2020, 10:39 am
Original release date: May 18, 2020


The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
actionpack_page-caching_gem --...

Read More

Vulnerability Summary for the Week of May 4, 2020

Author: CISA
Posted: May 11, 2020, 10:32 am
Original release date: May 11, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
apache -- syncope
 
Vulne...

Read More

Vulnerability Summary for the Week of April 27, 2020

Author: CISA
Posted: May 4, 2020, 10:45 am
Original release date: May 4, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
atrifex -- jbig2dec
 
jbig...

Read More