Monthly Patches are out for Qualcomm and MediaTek. New Alerts for Bouncy Castle, Linksys (0-Day), Moxa, Westermo, and Linux.
Bouncy Castle
Several security vulnerabilities have been patched in the latest version of Bouncy Castle.
More info.
Two critical security vulnerabilities have been disclosed in Linksys E5600 routers, allowing for command injections due to insufficient input validation. Highest CVSSv3 score of 9.8
No patches are available.
More info.
Qualcomm Monthly Patches are out with 9 addressed vulnerabilities, 1 rated Critical 7 rated High and 1 rated Medium. Highest CVSSv3 score of 8.4
More info.
MediaTek Monthly Patches are out with 10 vulnerabilities, 4 rated High and 6 rated Medium.
More info.
The NPort 5100A Series is affected by a web server vulnerability that allows remote attackers to get sensitive information and escalate privileges. CVSSv3 score of 8.3
More info.
EDW-100 contains 2 vulnerabilities including a hidden root user with a hardcoded password and insufficient authentication allowing a remote attacker to read the config file with the plaintext password. CVSSv3 score of 9.8
Mitigation and replacement are the correction options.
More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated kpatch. More info.
Gentoo Linux has updated systemd. More info.
