CND News and Blog

New Alert for Hitachi Energy.     Oracle Quarterly Patches are due out this afternoon.    More info. Hitachi Energy Hitachi Energy is aware of an internally reported vulnerability in the HCI Modbus TCP function of the RTU500 series providing support for Modbus TCP slave functionality. An attacker could send a specially craf...

New Alerts for Microsoft Edge (Exploit), IBM, HCL Software, and Google. Microsoft Microsoft has updated chromium-based Edge to fix the latest security vulnerabilities in chromium, some are being actively exploited.More info. IBM Gdal and Expat vulnerabilities affect IBM Netezza Analytics for NPS. Highest CVSSv3 score of 9.8More info. And here. And ...

New Alerts for Johnson Controls, Red Lion, Google Chrome (Exploit), HMS Networks, IBM, and Hitachi.      The pre-release for Oracle Quarterly Patches (out next week) is out now. More info. Johnson Controls Johnson Controls Metasys ADS/ADX/OAS Servers contain an Incomplete Cleanup vulnerability. Successful exploitation ...

Monthly Patches are out for Palo Alto Networks. Quarterly Patches are out for Juniper. New Alerts for Cisco, Schneider Electric, and Linux. Cisco Cisco has published 23 new bulletins, 1 rated Critical, 13 High, and the rest Medium. There is also 1 updated bulletin, rated Critical.More info.A vulnerability in the authentication functionality of Cisc...

New Alerts for Apache Struts, Aethon, Dell, HP, and Linux. Apache Apache has released a security advisory to address a vulnerability in Struts. An attacker could exploit this vulnerability to execute remote code, and possibly take control of an affected system. More info. And here. Aethon Aethon TUG Home Base Server contains several vulnerabilities...

Monthly Patches are out for Microsoft and Adobe. Microsoft Microsoft Monthly Patches are out, with 145 patched vulnerabilities, 10 rated Critical, 1 publicly disclosed vulnerability in Windows User Profile Service, and 1 exploited EoP vulnerability in Windows Common Log File System Driver. Highest CVSSv3 score of 9.8More info. And here. And here.An...

Monthly Patches are out for Siemens, SAP, and Schneider Electric. New Alerts for Google Chrome, Phoenix Contact, and IBM. Monthly Patches for Microsoft and Adobe are expected this afternoon. Google Google has published an update for Chrome for Desktop with fixes for 11 security vulnerabilities.More info. Phoenix Contact mGuard Device Manager uses t...

New Alerts for ABB, SICK, NetApp, HCL Software, and Linux. ABBTwo vulnerabilities in third-party software affect ARM600 M2M Gateway. A successful exploit could allow attackers to execute code with root user privileges. Highest CVSSv3 score of 9.8More info. SICKSICK has reported a vulnerability in the SICK MSC800 that allows an attacker to predict t...

New Alerts for Microsoft Edge, IBM, NetApp, Mozilla Thunderbird, and Linux. Microsoft has updated chromium-based Edge with the latest patches for a security vulnerability in chromium.More info. Json4j is used IBM Watson Machine Learning Accelerator. Json-schema could allow a remote attacker to execute arbitrary code. CVSSv3 score of 9.8 More info.M...

New Alerts for VMware, Weidmueller, Mitsubishi Electric, Xylem, HCL Software, Tenable, Bitdefender, HPE, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#...

Monthly Patches are out for Fortinet. New Alerts for Mozilla, CODESYS, Aruba, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cy...

Monthly Patches are out for Qualcomm, Google Android, Google Pixel, and Samsung. New Alerts for Meinberg, Google Chrome, SICK, and NetApp. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-ra...

New Alerts for Microsoft, Pulse Secure, Fortinet, VMware Tanzu (Exploit), HP, and F5. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber...

New Alerts for Hitachi Energy, Apple (Exploit), GitLab, Rockwell Automation, GE Gas Power, GE Renewable Energy, IBM, NETGEAR, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-rada...

New Alerts for VMware (Spring - Exploit), Palo Alto Networks, Mitsubishi Electric, NetApp, Tenable, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alert...

New Alerts for Google Chrome, Dell, Zyxel, Trend Micro (Exploit), HPE, VMware, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry C...

New Alerts for IBM, Brocade, VMware Tanzu, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber Threat Intelligence - The Radar...

New Alerts for Google Chrome (Exploit), Microsoft Edge (Exploit), Atlassian, Phoenix Contact, and Sophos. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Sec...

New Alerts for SonicWall, Splunk, HCL Software, Western Digital, Moxa (Exploit, kinda), and NetApp. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security ...

New Alerts for OWASP ZAP Proxy and NetApp. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber Threat Intelligence - The Radar Page https...