New Alerts for Cisco, HTTP/2, Ivanti, ABB, HPE, Lexmark, and Linux.
Cisco
Cisco has published 12 new bulletins, 1 rated High and the rest Medium. Highest CVSSv3 score of 7.5
More info.
A vulnerability in the OOB PnP feature of Cisco Nexus Dashboard Fabric Controller could allow a remote attacker to read arbitrary files. CVSSv3 score of 7.5
More info.
Many HTTP/2 implementations do not properly limit or sanitize the amount of CONTINUATION frames sent within a single stream. A remote attacker that can send packets to a target server can send a stream of CONTINUATION frames causing an OOM crash. CVSSv3 score of 7.5
More info.
Node.js has updated. More info.
Vulnerabilities have been discovered in Ivanti Connect Secure. Highest CVSSv3 score of 8.2
More info.
A DoS vulnerability in Control API 'VPNI' impacts S+ Operations, S+ Engineering and S+ Analyst. CVSSv3 score of 7.5
More info.
Security vulnerabilities have been identified in HPE Unified OSS Console Assurance Monitoring (UOCAM). These vulnerabilities could allow a remote attacker to achieve Authentication Bypass, DoS, SSRF. Highest CVSSv3 score of 9.8
More info.
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. CVSSv3 score of 8.8
More info.
Oracle Linux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page