New Alerts for Microsoft Edge, Johnson Controls, Vonets, HPE, TOTOLINK, and Linux.
Microsoft
Microsoft has updated Edge with the latest chromium updates.
More info.
exacqVision Web Service contains a Permissive Cross-domain Policy with Untrusted Domains vulnerability. CVSSv4 score of 7.6
More info.
exacqVision Client, exacqVision Server key both contain an inadequate encryption strength vulnerability. CVSSv4 score of 9.0
More info.
Vonets Wifi Bridges contain several vulnerabilities, including Use of Hard-coded Credentials, Improper Access Control, Path Traversal, Command Injection, Improper Check or Handling of Exceptional Conditions, Stack Based Buffer Overflow, and Direct Request. Highest CVSSv4 score of 10
No response from the vendor.
More info.
HPE Fibre Channel and SAN Switches with Brocade Fabric OS (FOS) contain multiple vulnerabilities. Highest CVSSv3 score of 8.8
More info.
TOTOLINK EX1200L is vulnerable to a buffer overflow. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. Highest CVSSv3 score of 9.8
More info. And here.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
