Monthly Patches are out for Qualcomm and MediaTek. New Alerts for Checkpoint (Exploit), Apache OfBiz, Apache Wicket, ifm, Progress, and Linux.
Checkpoint Exploit
Checkpoint has determined the Quantum Spark Gateways are vulnerable to the information disclosure security vulnerability as well.
More info.
Apache OfBiz contains a path traversal leading to RCE security vulnerability. CVSSv3 score of 9.8
More info. And here.
Apache Wicket contais a RCE via XSLT injection vulnerability. CVSSv3 score of 9.8
More info.
moneo "Forgot Password" function has a vulnerability which allows gaining privileged access. CVSSv3 score of 9.8
More info.
Qualcomm Monthly Patches are out with 7 vulnerabilities, 3 rated Critical, 3 rated High, and 1 rated Medium. Highest CVSSv3 score of 9.3
More info.
MediaTek Monthly Patches are out with 11 vulnerabilities, 5 rated High and 6 rated Medium.
More info.
Telerik Report Server allows a remote attacker to gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. CVSSv3 score of 9.8
More info. And here.
Red Hat has updated the kernel. More info.
Debian has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page