
CND News and Blog

New Vulnerabilities Thursday 05 October


New Alerts for Apple (Exploit), Cisco, Atos, Google, Microsoft (Exploit), Atlassian (Exploit), HP, Wireshark, and Linux 


Apple Exploit

Apple has published updates for actively exploited vulnerabilities in iOS and iPadOS. CVSSv3 score of 8.8
More info. And here.

Cisco 

A vulnerability in Cisco Emergency Responder could allow a remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. CVSSv3 score of 9.8
More info.

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow a remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. CVSSv3 score of 8.6
More info.

Atos 

An argument injection vulnerability has been identified for Atos Unify OpenScape SBC and Atos Unify OpenScape Branch. Insufficient input validation in the web interface may allow a remote attacker to bypass the administrative web interface to execute arbitrary code. CVSSv3 score of 9.8
More info.

Google 

Google Pixel Monthly Patches are out with 17 vulnerabilities plus Android and Qualcomm patches. Of the Pixel vulnerabilities, 2 are rated Critical, 5 are rated High, the rest Medium.
More info.

Microsoft Exploit

Microsoft has updated Edge with the latest Chromium update to fix an exploited vulnerability.
More info.

Atlassian Exploit

Confluence Data Center and Server contain a vulnerability that allows a remote attacker to create unauthorized Confluence administrator accounts and access Confluence instances. CVSSv3 score of 10
More info.

HP 

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service via a WS-Print request and to potential cross-site scripting injection via jQuery-UI. Highest CVSSv3 score of 6.5
More info.

Wireshark 

Wireshark contains a vulnerability that could allow an attacker to make it consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. CVSSv3 score of 5.3
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
