New Alerts for Cambium Networks, InHand Networks, IBM, Apache Tomcat, Zyxel, and Linux.
Cambium Networks
Cambium Networks cnMaestro contains multiple vulnerabilities, including OS Command Injection, SQL Injection, Path Traversal, and Use of Potentially Dangerous Function, Successful exploitation of these vulnerabilities could allow a remote attacker to gain RCE, sensitive data exfiltration, and complete takeover of the main multi-tenant cloud infrastructure. Highest CVSSv3 score of 9.8
More info.
InHand Networks has confirmed the vulnerabilities impacting the Industrial Router IR302, which will allow attackers to execute arbitrary commands, file uploading, increase privileges or steal cookies via specific request. Highest CVSSv3 score of 9.9
More info.
Vulnerability in IBM SDK Java affects IBM Cloud Pak System. CVSSv3 score of 9.8
More info.
IBM Security Guardium has fixed several vulnerabilities by updating the Apache Thrift component. Highest CVSSv3 score of 9.8
More info.
Apache Tomcat has a Request Mix-up vulnerability that could result in connections using the same object concurrently which could result in information disclosure. Apache rates this High.
More info.
Zyxel has released patches for an OS command injection vulnerability. CVSSv3 score of 9.8
More info.
SUSE has updated the kernel. More info.
Ubuntu has updated the kernel and rsyslog. More info.
Comments