Skip to main content

CND News and Blog

New Vulnerabilities Thursday 08 December


Monthly Patches are out for Fortinet. New Alerts for TIBCO, Rockwell Automation, Lenovo, PHP, and Wireshark.

TIBCO 

TIBCO Nimbus Web Client contains a vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. CVSSv3 score of 9.3
More info.

Rockwell Automation 

Logix Controllers contain a vulnerability that will allow a remote attacker to cause a DoS on a targeted device. CVSSv3 score of 8.6
More info.

Lenovo 

AMI reported potential security vulnerabilities in some AMI MegaRAC SP-X Baseboard Management Controller that may allow user enumeration, unauthorized access or arbitrary code execution. Highest CVSSv3 score of 9.8
More info.

Fortinet 

Monthly Patches are out with 6 bulletins, 1 rated High, 2 rated Medium, and 3 rated Low. Highest CVSSv3 score of 7.7
More info.

PHP 

PHP has updates to fix several vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here. And here.

Wireshark 

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
More info. And here.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 29 March 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/