New Alerts for Walchem, Microsoft Edge, Juniper, Ubiquiti, Supermicro (Exploit), CODESYS, HPE, NetApp, and Linux.
Walchem
Walchem Intuition 9 firmware is missing authentication for some of the API routes of the management web server, allowing a remote attacker to download and export sensitive data. CVSSv3 score of 7.5
More info.
Microsoft has updated Edge for the latest chromium security vulnerabilities.
More info. And here. And here.
Multiple vulnerabilities in the J-Web component of Juniper Networks Junos OS on SRX Series and EX Series have been resolved. By chaining exploitation of these vulnerabilities, a remote attacker may be able to remotely execute code on the devices. Highest CVSSv3 score of 9.8
More info.
An integer overflow vulnerability in most UniFi Access Points and Switches with SNMP Monitoring and default settings enabled could allow a remote attacker to achieve RCE. Highest CVSSv3 score of 9.0
More info.
A stack overflow vulnerability in the BIOS firmware may allow a remote attacker manipulate a variable to hijack the control flow leading to the execution of arbitrary code. CVSSv3 score of 9.8
More info. And here.
Several CODESYS setups contain and install vulnerable versions of the WIBU CodeMeter Runtime. CVSSv3 score of 9.0
More info.
Multiple security vulnerabilities have been identified in PHP included in HP-UX Web Server Suite Software. These vulnerabilities may cause local and remote information disclosure, DoS, memory corruption, access restriction, or bypass security restrictions. Highest CVSSv3 score of 9.8
More info.
NetApp has published 17 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8 Only 1 has patches.
More info.
SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page