Skip to main content

CND News and Blog

New Vulnerabilities Thursday 15 August


Quarterly Patches are out for F5, Monthly Patches are out for Palo Alto Networks. New Alerts for Spring, IBM,and Linux. 

F5 

F5 August Quarterly Security Notification lists 9 CVEs, 4 rated High and 5 rated Medium. Highest CVSSv4 score of 8.9
More info.

An attacker with access to obtain a user's session cookies can continue to use that session to access BIG-IP Next Central Manager and systems managed by BIG-IP Next Central Manager after that user has logged out. CVSSv4 score of 8.9
More info.

Two vulnerabilities allow a remote attacker to cause a DoS on the BIG-IP system. CVSSv4 score of 8.7
More info. And here.

When NGINX Plus is configured to use the MQTT filter module, undisclosed requests can cause an increase in memory resource utilization. CVSSv4 score of 8.7
More info.

Spring 

Spring Framework has fixed 2 DoS vulnerabilities.
More info.

Palo Alto Networks 

Palo Alto Monthly Patches include 4 bulletins. Highest CVSSv4 score of 8.6
More info.

Prisma Access Browser has incorporated the latest upstream Chromium security fixes. Highest CVSSv4 score of 8.6
More info.

A command injection issue in Cortex XSOAR CommonScripts Pack allows a remote attacker to execute arbitrary commands within the context of an integration container. CVSSv4 score of 7.
More info.

IBM 

Vulnerability in Apache Calcite Avatica and jackson-databind affect watsonx.data. CVSSv3 score of 9.8
More info. And here.

QRadar Suite Software has been updated to fix vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.

Linux 

Oracle Linux has updated the kernel. More info.
SUSE has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, 08 December 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/