New Alerts for GitLab, PTZOptics and other PTZ camera vendors, Siemens, Mitel, Ricoh, and XWiki.
GitLab
The latest GitLab release includes 10 security fixes: 4 rated High, 5 rated Medium, and 1 rated Low. The highest CVSSv4 score is 8.7.
More info.
Cameras from PTZOptics and other Pan-Tilt-Zoom camera providers contain several vulnerabilities, including Hardcoded Credentials and Improper Authentication. CVSSv4 score of 9.3.
PTZOptics has patched, but others have not.
More info.
A path traversal vulnerability in the NuPoint Unified Messaging component of Mitel MiCollab, caused by insufficient input validation, could allow a remote attacker to conduct a path traversal attack. CVSSv3 score of 9.8.
More info.
Several vulnerabilities have been reported in Ricoh software, including an RCE vulnerability in the Ricoh Streamline NX PC client. Highest CVSSv3 score of 9.8.
More info. And here.
Mendix Studio Pro contains a vulnerability in the module installation process that could allow a remote attacker to write or modify arbitrary files in directories outside a developer's project directory. CVSSv4 score of 6.1.
More info.
The XWiki query validator does not sanitize functions that would be used in a simple select, and Hibernate allows using any native function in an HQL query. As a result, it is possible to execute any SQL query. CVSSv4 score of 9.3.
More info. And here.