New Alerts for Flowise, Dell, HPE, Expat, WAGO, IBM, and Linux.
Flowise
Flowise contains a vulnerability where a node parses the user-provided input, executing JavaScript code without security validation, to build the MCP server configuration. CVSSv3 score of 10.
More info.
Dell has published a Critical bulletin for PowerProtect DP Series Appliance.
More info.
Security vulnerabilities have been identified in HPE Telco Unified Correlation and Automation. Highest CVSSv3 score of 7.5
More info.
libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. CVSSv3 score of 7.5
More info.
A vulnerability in the Ethernet switch circuit on CC100, Touch Panels 600 and Edge Controller is caused by a PullUp resistor at the reset input, leading to premature activation and undefined operation. CVSSv3 score of 6.5
New hardware is required to fix.
More info.
IBM has published a Critical bulletin for Business Automation Insights.
More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel, kernel-rt, and kpatch. More info.
Oracle Linux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page