New Alerts for Palo Alto Networks (Exploit activity and patches), Microsoft Edge, HPE, HP, NetApp, and Linux.
Palo Alto Networks Exploit
A command injection vulnerability in the GlobalProtect feature for specific PAN-OS versions and distinct feature configurations may enable a remote attacker to execute arbitrary code with root privileges on the firewall. CVSSv4 score of 10
Some patches are now available.
Exploits reported.
More info.
Microsoft has updated Edge with the latest chromium updates
More info.
Security vulnerabilities have been identified in HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 that could be exploited to overwrite SMM memory leading to execution of arbitrary code with privilege elevation. CVSSv3 score of 9.8
More info.
HP ThinPro contains security vulnerabilities. Highest CVSSv3 score of 9.8
More info.
NetApp has published 13 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 8.4
Six have patches.
More info.
SUSE has updated the kernel. More info.
Debian as updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page