New Alerts for Cisco, Pilz, IBM, Artica, Bosch, and Linux.

Cisco 

Cisco has published 7 new bulletins, Highest CVSSv3 score of 8.2
More info.

A vulnerability in the SAML authentication process of Cisco Secure Client could allow a remote attacker to conduct a CRLF injection attack against a user. CVSSv3 score of 8.2
More info.

Pilz 

The PITreader product family contains the 3rd-party-component uC/HTTP to implement the web server functionality. uC/HTTP is affected by multiple vulnerabilities. These vulnerabilities may enable a remote attacker to gain full control over the system. CVSSv3 score of 9.8.
More info. (registration required)

IBM 

Vulnerabilities have been identified with the DS8900F Hardware Management Console. Highest CVSSv3 score of 9.8
More info.

An execute arbitrary code vulnerability in Apache Axis, an authentication bypass vulnerability in Apache Shiro, and several vulnerabilities in SnakeYAML affect IBM WebSphere Service Registry and Repository. Highest CVSSv3 score of 9.8
More info.

Artica 

Artica Proxy contains several vulnerabilities reported by KoreLogic. No patches.
More info.

Bosch 

Multiple Git for Windows vulnerabilities have been discovered in DIVAR IP System Manager, affecting several Bosch DIVAR IP all-in-one models.. Highest CVSSv3 score of 9.8
More info.

Linux 

Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts