Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27132PUBLISHED: 2020-12-11
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vul...
CVE-2020-27133PUBLISHED: 2020-12-11
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vul...
CVE-2020-27134PUBLISHED: 2020-12-11
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vul...
CVE-2020-28439PUBLISHED: 2020-12-11This affects all versions of package corenlp-js-prefab.
The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.'
Vulnerability can be exploited with the following PoC:
CVE-2020-28440PUBLISHED: 2020-12-11All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.