New Alerts for Cisco (Exploit), NVIDIA, Bosch, F5, Broadcom, NetApp, Linux, and FreeBSD.
Cisco Exploit
Multiple vulnerabilities in the web-based management interface of Small Business SPA300/500 Series IP Phones allows a remote attacker to execute arbitrary commands on the underlying operating system or cause a DoS. CVSSv3 score of 9.8
More info.
A previously reported vulnerability in SSM On-Prem now has exploit code out. CVSSv3 score of 10
More info.
NVIDIA has released a firmware update for Mellanox OS, ONYX, Skyway, and MetroX. This update addresses security issues that could lead to Information Disclosure. CVSSv3 score of 7.5
More info.
Multiple Curl vulnerabilities in the Git for Windows component have been discovered in DIVAR IP System Manager, affecting several Bosch DIVAR IP all-in-one models. Highest CVSSv3 score of 8.6
More info.
Apache HTTPD vulnerabilities affect Traffix SDC. Highest CVSSv3 score of 8.2
No patches.
More info. And here.
ASCG utilizes Rocky Linux which has addressed a number of potential security vulnerabilities.
More info.
Broadcom Mainframe Software is reporting a vulnerability in Common Components and Services for z/OS. CVSSv3 score of 7.5
More info.
NetApp has published 10 bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 7.5
Only 1 has patches.
More info.
Red Hat has updated the kernel and kernel-rt. More info.
Amazon Linux has updated the kernel. More info.
Amazon Linux 2023 has updated the kernel. More info.
FreeBSD
FreeBSD has published several important updates as well. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page