New Alerts for Microsoft Edge, WAGO, SICK, PostgreSQL JDBC, NetApp, and Splunk.
Microsoft
Microsoft has updated Edge with the latest chromium vulnerability fixes.
More info.
Vulnerabilities exist in the WAGO Device Manager that allow remote attackers to send requests and read server responses through crafted web applications or to access the file system. Highest CVSSv3 score of 8.8
More info.
Multiple vulnerabilities exist in the products SICK Field Analytics and SICK Media Server that could potentially affect the confidentiality, integrity an availability of the products. Highest CVSSv3 score of 8.6
More info.
When the PostgreSQL JDBC driver is configured with channel binding set to required, the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding. This could allow a MitM attacker to intercept connections that users believed were protected by channel binding requirements. CVSSv3 score of 8.2
More info.
NetApp has published 12 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.1
More info.
Splunk has published 2 new bulletins identifying vulnerabilities in third-party software included in their products, 1 rated Critical and 1 rated High.
More info.
