Skip to main content

New Vulnerabilities Tuesday 21 May

New Alert for IBM.  IBM  IBM Cloud Pak for Network Automation has been updated to address multiple security vulnerabilities. Highest CVSSv3 score of 9.8More info.IBM has released a fix for IBM Db2 REST in response to multiple vulnerabilities. Highest CVSSv3 score of 9.8More info. Security Wizardry Cyber Threat Intelligence - The Radar Pag...

0
  21
  0

New Vulnerabilities Monday 20 May

New Alerts for Dell, Asterisk, Mozilla, and Cerberus. Dell  Dell has updated NetWorker Runtime Environment to fix several Java SE Embedded vulnerabilities. Dell rates this Critical.More info. Asterisk  A vulnerability allows all unauthorized SIP requests to be identified as PJSIP Endpoint of local asterisk server. CVSSv3 score of 5.8More ...

0
  29
  0

New Vulnerabilities Friday 17 May

New Alerts for SolarWinds, Microsoft Edge (exploit), HPE, NetApp, IBM, MongoDB, and Linux. TGIF! SolarWinds  The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. This vulnerability allows access to the RabbitMQ management console. CVSSv3 score of 8.6More info. Microsoft Exploit ...

0
  52
  0

New Vulnerabilities Thursday 16 May

New Alerts for Cisco, D-Link (0-Day), Google Chrome (Exploit), Phoenix Contact, Wireshark, F5, and Linux. Cisco  Cisco has published 8 new bulletins, three rated High and four rated Medium. Highest CVSSv3 score of 7.8More info. Multiple vulnerabilities in the web-based management interface of AsyncOS Software for Secure Email and Web Manager; ...

0
  58
  0

New Vulnerabilities Wednesday 15 May

Monthly Patches are out for Microsoft, Adobe, and Fortinet. New Alerts for Mozilla, Aruba, Bosch, and Linux. Microsoft  Microsoft Monthly Patches are out, with 67 patched vulnerabilities, 1 rated Critical, and 1 other actively exploited. Highest CVSSv3 score of 8.8More info. And here.Microsoft has patched Edge for the currently exploited chrom...

0
  65
  0

New Vulnerabilities Tuesday 14 May

Monthly Patches are out for Siemens and SAP. New Alerts for Apple, Google Chrome (Exploit), Extreme Networks, Cacti, and Linux. Apple  Apple has published updates for iOS, iPadOS, macOS, watchOS, tvOS, and Safari. One exploited vulnerability is patched for older versions of macOS and iOS.More info. And here. Siemens  Siemens Monthly Patch...

0
  56
  0

New Vulnerabilities Monday 13 May

New Alerts for Microsoft Edge (exploit), PowerDNS, Apache OFBiz, Belden, NetApp, and Linux. Microsoft Exploit Microsoft has updated Edge with the latest chromium vulnerability fixes and one Edge-specific fix.There are active exploits.More info. PowerDNS  When incoming DNS over HTTPS support is enabled using the nghttp2 provider a remote attack...

0
  46
  0

New Vulnerabilities Friday 10 May

New Alerts for Google Chrome for Desktop (Exploit), Microsoft Edge (Exploit), Delta, Alpitronic, Juniper, HP, and Mozilla. Google Exploit Google has updated Chrome for Desktop to fix one security vulnerability rated High that is being actively exploited.More info.Microsoft is aware. More info. Delta  Delta Electronics InfraSuite Device Master ...

0
  56
  0

New Vulnerabilities Thursday 09 May

Quarterly Patches are out for F5. New Alerts for BD, Rockwell Automation, Apple, IBM, and GitLab. BD  BD has published updates for vulnerabilities in 3rd party software included in Pyxis.More info. Rockwell Automation  FactoryTalk Historian SE use the AVEVA PI Server, which contains vulnerabilities that could allow a remote attacker to ca...

0
  73
  0

New Vulnerabilities Wednesday 08 May

Monthly Patches are out for Google Pixel. New Alerts for Google Chrome, F5, Aruba, Veeam, IBM, Dell, and Linux. Google  Monthly patches are out for Pixel with two vulnerabilities plus Android updates.More info.Google has updated Chrome for Desktop to fix 2 security vulnerabilities.More info. F5  BIG-IP contains a vulnerability that allows...

0
  77
  0

New Vulnerabilities Tuesday 07 May

Monthly Patches are out for Google Android and Samsung Android. New Alerts for Samsung, IBM, Dell, and Linux. Google  Google has published Monthly Patches for Android, with 9 patched vulnerabilities and Arm, MediaTek, and Qualcomm patches. Of the Android patches, 1 is rated Critical and the rest High.More info. Samsung  Samsung Monthly Pa...

0
  74
  0

New Vulnerabilities Monday 06 May

Monthly Patches are out for Qualcomm and MediaTek. New Alerts for Bouncy Castle, Linksys (0-Day), Moxa, Westermo, and Linux. Bouncy Castle  Several security vulnerabilities have been patched in the latest version of Bouncy Castle.More info. Linksys 0-Day Two critical security vulnerabilities have been disclosed in Linksys E5600 routers, allowi...

0
  69
  0

New Vulnerabilities Friday 03 May

New Alerts for CyberPower, PcVue, Microsoft Edge, IBM, NetApp, and Linux. CyberPower  Power Panel has been updated to fix several security vulnerabilities, included hard-coded credentials. Highest CVSSv3 score of 9.8More info. PcVue  A vulnerability has been identified in the TMW IEC 61850 Client libraries resulting from specially crafted...

0
  69
  0

New Vulnerabilities Thursday 02 May

New Alerts for Dropbox Sign (Exploit), Cisco, SonicWall, Tinyproxy, IBM, and HashiCorp. Dropbox Exploit Dropbox has reported an incident in their Dropbox Sign product that exposed customer information as well as customers simply signing a document.More info. Cisco  Multiple vulnerabilities in Cisco IP Phone firmware could allow a remote attack...

0
  80
  0

New Vulnerabilities Wednesday 01 May

New Alerts for Google Chrome, IBM, Dell, HPE, Aruba, and Linux. Google  Google has updated Chrome for Desktop to fix 2 security vulnerabilities.More info. IBM  Multiple security vulnerabilities have been fixed in IBM Business Automation Manager Open Editions. Highest CVSSv3 score of 9.1More info.Vulnerabilities in OpenSSH and the edge Lin...

0
  109
  0

New Vulnerabilities Tuesday 30 April

New Alerts for Tenable and Linux. Tenable  Nessus Network Monitor has been updated to fix vulnerabilities in third-party software. Highest CVSSv3 score of 6.5More info. Linux  SUSE has updated the kernel. More info.Red Hat has updated the kernel. More info.Amazon Linux 2023 has updated the kernel. More info. Security Wizardry Cyber Threat...

0
  81
  0

New Vulnerabilities Monday 29 April

New Alerts for Belden, Microsoft Edge, and IBM. Belden  A vulnerability in the HTTP(S) management module of HiEOS devices could allow a remote attacker to bypass authentication for web server resources. CVSSv3 score of 9.8More info. Microsoft  Microsoft has updated Edge to include the latest chromium vulnerability fixes.More info. IBM&nbs...

0
  77
  0

New Vulnerabilities Friday 26 April

New Alerts for Honeywell, Secomea, NetApp, and UI. Honeywell  Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC contain security vulnerabilities that could disclose sensitive information, allow privilege escalation, or allow remote code execution. Highest CVSSv4 score of 9.2More info. Secomea  A classic...

0
  102
  0

New Vulnerabilities Thursday 25 April

New Alerts for Cisco (Exploit), Broadcom, Dell, and HPE. Cisco Exploit A vulnerability in the management and VPN web servers for Cisco ASA and FTD Software could allow a remote attacker to cause the device to reload unexpectedly, resulting in a DoS. CVSSv3 score of 8.6This is actively exploited.More info. Broadcom  Broadcom has published 4 new...

0
  96
  0

New Vulnerabilities Wednesday 24 April

New Alerts for BD, HCL Software, FreeRDP, Moxa, Meinberg, Google Chrome, PowerDNS, and Linux. BD  BD has provided security patches for third-party software for Care Coordination Engine.More info. HCL Software  The Domino Blog template contains a version of Dojo susceptible to a Prototype Pollution vulnerability. CVSSv3 score of 9.8More in...

0
  100
  0

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/