Skip to main content

CND News and Blog

New Vulnerabilities Monday 22 April


New Alerts for Dräger, Moxa, Siemens (Exploit), IBM, ownCloud, and Linux.

Dräger 

Dräger Core and M540 Converter Service contains a vulnerability that allows a remote attacker to send a specially crafted SDC message and cause a DoS. CVSSv3 score of 7.5
Patches will be provided in the next product release.
More info.

Moxa 

The AIG-301 Series product is affected by multiple Azure uAMQP vulnerabilities. A remote attacker can achieve RCE. Highest CVSSv3 score of 9.8
More info.

Siemens Exploit

RUGGEDCOM APE 1808 devices contain the Palo Alto Networks GlobalProtect, and the associated vulnerability. They are preparing patches. Implement countermeasures. CVSSv3 score of 10.
More info.

IBM 

Multiple security vulnerabilities have been addressed in updates to Security Verify Governance - Identity Manager. Highest CVSSv3 score of 9.8
More info.

Multiple vulnerabilities affect Db2 on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data. Highest CVSSv3 score of 9.8
More info.

Edge Application Manager 4.5.5 addresses several security vulnerabilities. Highest CVSSv3 score of 9.8
More info.

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. Highest CVSSv3 score of 9.8
More info.

Order Management removed parts of legacy code that carried vulnerabilites. Highest CVSSv3 score of 10
More info.

ownCloud 

Improper validation may allow a remote attacker to bypass authentication and gain access to users' files. Prior knowledge of a username and a file path is needed in order to gain access to a certain file. CVSSv3 score of 7.5
More info.

Linux 

Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, 22 May 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/