New Alerts for Microsoft Edge, Rockwell Automation, Wiesemann & Theis, Mozilla, BD, Samsung TV, and Linux.

Microsoft 

Microsoft has updated Edge with the latest chromium fixes.
More info.

Rockwell Automation 

A vulnerability has been identified in the third-party Apache log4net software, impacting the FactoryTalk Historian-ThingWorx Connector. CVSSv4 score of 9.3
Note this is a 7 year old vulnerability.
More info.

Wiesemann & Theis 

Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability. CVSSv3 score of 6.1
More info.

Mozilla 

Mozilla has published 2 bulletins for Thunderbird, both rated High.
More info.

BD 

BD has publisnhed Critical bulletins for Totalys, Phoenix M50, and BACTEC FX40.
More info.

Samsung 

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server (for Samsung TVs) allows remote attackers to write arbitrary file as system authority. CVSSv3 score of 9.8
More info.

Linux 

Oracle Linux has updated the kernel. More info.
AlmaLinux has updated the kernel and kernel-rt. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts