Monthly Patches are out for Qualcomm and MediaTek. New Alerts for SoftEther, Moxa, IBM, Dell, and NetApp.
SoftEther
SoftEther VPN and PacketiX VPN contain multiple vulnerabilities in VPN Client function and Dynamic DNS Client function included in the VPN server. Highest CVSSv3 score of 8.1
More info. And here.
Qualcomm Monthly Patches are out with 10 vulnerabilities, 1 rated Critical, 2 rated High, and 7 rated Medium. There are an additional 7 vulnerabilities addressed in open source software. Highest CVSSv3 score of 8.4
More info.
MediaTek Monthly Patches are out with 24 vulnerabilities, 2 rated High and 22 rated Medium.
More info.
A user enumeration vulnerability exists in the TN-5900 Series. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.
More info.
APM JBoss and APM WebLogic Agents contain vulnerabilities from Apache Groovy. Highest CVSSv3 score of 9.6
More info.
Dell NetWorker remediation is available for zlib, libxml2, Apache Tomcat, and cURL multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info. And here. And here. And here.
Dell NetWorker Management Console remediation is available for Apache HTTP Server vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
Six have patches.
More info.
