New Alerts for Google Chrome for Desktop (Exploit), Microsoft Edge (Exploit), Delta, Alpitronic, Juniper, HP, and Mozilla.

Google Exploit

Google has updated Chrome for Desktop to fix one security vulnerability rated High that is being actively exploited.
More info.

Microsoft is aware. More info.

Delta 

Delta Electronics InfraSuite Device Master contains a deserialization of untrusted data vulnerability because it runs a vulnerable version of Apache ActiveMQ. CVSSv4 score of 9.3
More info.

Alpitronic 

Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator. CVSSv4 score of 8.3
Mitigations only, don't put it on the Internet, changing the default password.
More info.

Juniper 

Juniper has reported on multiple vulnerabilities reported in OpenSSH, used in Junos OS and Junos OS Evolved. Not all vulnerabilities are exploitable. Highest CVSSv3 score of 9.8
More info.

HP 

A vulnerability has been reported in the Grails open-source web framework used by Teradici PCoIP Management Console, which could lead to a JVM crash or DoS. CVSSv3 score of 7.5
More info.

Mozilla 

A vulnerability in Mozilla PDF.js could allow for arbitrary code execution when opening a malicious PDF.
More info. And here.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts