The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of April 2020.
Security researchers at Trend Micro discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware.Trend Micro also reported that, significantly small number of downloads of the app in Pakistan, India, Afghanistan, Bangladesh, Iran, Saudi Arabia, Austria, Romania, Grenada, and Russia. The spyware apps can steal Facebook messages, WhatsApp messages, text messages, contact lists, call logs, photos,...
Read More
Description:A vulnerability was identified in Google Chrome, a remote attacker could exploit this vulnerability to trigger remote code execution and denial of service on the targeted system. Impact:Denial of ServiceRemote Code Execution Google Chrome (Desktop version) prior to 81.0.4044.113 version are vulnerable. Mitigation:Updates are available.Google has released Chrome version 81.0.4044.113 for Windows, Mac, and Linux.Please see the references or vendor advisory for more information. Reference:https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html
Description: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more...
Read More
Description: Google has released Chrome version 81.0.4044.92 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
