New Alerts for Dataprobe, Bosch, Microsoft, VMware, Mozilla, Dell, Tenable, and Linux.
Dataprobe
Dataprobe iBoot-PDU FW contains multiple vulnerabilities, including: OS Command Injection, Path Traversal, Exposure of Sensitive Information to an Unauthorized Actor, Improper Access Control, Improper Authorization, Incorrect Authorization, and SSRF. Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe iBoot-PDU device. Highest CVSSv3 score of 9.8
More info.
BVMS Operator Client application or the VIDEOJET Decoder VJD-7513 may receive an unencrypted live-stream from a camera which allows a MitM attacker to compromise the confidential video streams. CVSSv3 score of 7.4
More info.
Disabling the Allow connection fallback to NTLM option in Client Push Installation Properties is not honored under certain conditions. CVSSv3 score of 7.5
More info.
Applications that allow HTTP PATCH access to resources exposed by Spring Data REST allow a remote attacker who knows about the structure of the underlying domain model to craft HTTP requests that expose hidden entity attributes. CVSSv3 score of 6.5
More info.
Mozilla has published updates rated High for Firefox and Firefox ESR.
More info.
NetWorker vProxy remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.
Nessus Network Monitor includes third-party software, and has been updated that software to correct security vulnerabilities. Highest CVSSv3 score of 9.8
More info.
Red Hat has updated the kernel More info.
Ubuntu has updated the kernel. More info.
Comments