New Alerts for Rapid Software, Microsoft Edge, D-Link (Exploit), GitLab, TRENDnet, NetApp, and Linux.
Rapid Software
Successful exploitation of vulnerabilities in Rapid SCADA could result in a remote attacker connecting to the server and perfoming attacks using the high privileges of a service, obtaining administrator passwords, learning sensitive information about the internal code of the application, or achieving remote code execution. Highest CVSSv3 score of 9.8
No response from vendor to CISA.
More info.
Microsoft has updated Edge to include chroumium updates and fix 4 Edge-specific vulnerabilities.
More info.
D-Link DIR-822+ contains several vulnerabilities that allow a remote attacker to execute commands or login to administrator accounts with empty passwords.
More info. And here. And here.
GitLab has been updated for several security vulnerabilties. Highest CVSSv3 score of 10.
More info.
TRENDnet TEW-821DAP AC1200 Wireless Access Point contains buffer overflow and command injection vulnerabilities that would allow a remote attacker to take over the device and gain access to its operating system.
More info.
NetApp has published 8 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.5
No patches yet.
More info.
Oracle Linux has updated the kernel. More info.
Comments