Skip to main content

CND News and Blog

New Vulnerabilities Monday 30 September


New Alerts for CUPS, Microsoft Edge, HPE, Atelmo, Progress What's Up Gold, Synology and Linux.

CUPS 

Linux CUPS has a chain of vulnerabilities that can be used to achieve RCE.
Patches are rolling out in the various distros.
More info. And here.

Microsoft 

Microsoft has updated Edge with the latest chromium updates.
More info.

HPE 

Security vulnerabilities have been identified in HPE NonStop BackBox and QORESTOR products. Highest CVSSv3 score of 9.8
More info.

A security vulnerability in OpenSSH affects HPE Superdome Flex and Flex 280 platforms. This vulnerability could be exploited to allow remote unauthenticated code execution. CVSSv3 score of 8.1
More info.

Atelmo 

AM 520 HD Full HD Satellite Receiver contains an OS Command Injection vulnerability that could allow a remote attacker to execute system commands with elevated privileges. CVSSv4 score of 9.3
More info.

Progress 

WhatsUp Gold has six vulnerabilities. Highest CVSSv3 score of 9.8
More info.

Synology 

Buffer copy without checking size of input vulnerability in Synology Drive Client allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors. CVSSv3 score of 8.2
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated cups-filters. More info.
Oracle Linux has updated cups-filters. More info.
Debian has updated cups and cups-filters. More info.
Ubuntu has updated the CUPS and cups-filters. More info.
Mageia has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.
Amazon Linux 2023 has updated the kernel and microcode. More info.
AlmaLinux has updated cups-filters. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 04 October 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/