New Alerts for Siemens, Xerox, Philips, Pepperl+Fuchs, IBM, and Linux.
Siemens
SiPass contains an out of bounds read vulnerability that could allow a remote attacker to create a DoS. CVSSv4 score of 8.7
More info.
SiPass integrated ACC devices do not properly check the integrity of firmware updates. This could allow a remote attacker to upload a maliciously modified firmware onto the device. CVSSv4 score of 8.2
More info.
Xerox has published security updates for third-party software included in FreeFlow Print Server v7 and v9.
More info. And here.
Philips ST80i is vulnerable to Microsoft's CLFS scripting engine memory corruption. CVSSv3 score of 7.5
More info. And here.
Profinet Gateway products have been updated to fix 2 vulnerabilities that allows a remote attacker to access information about running processes via the SNMP protocol, and also trigger a reboot. Highest CVSSv3 score of 8.2
More info.
IBM has published Critical bulletins for TSSC/IMC, MANTA Automated Data Lineage, Integration Bus for z/OS, Guardium Data Protection, watsonx Assistant Cartridge, watsonx Orchestrate, Integrated Analytics System, Security QRadar EDR, and Maximo Application Suite.
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel and kernel-rt. More info.
Debian has updated the kernel. More info.
Mageia has updated the microcode. More info.
AlmaLinux has updated the kernel. More info.
