Cisco
Cisco has published 12 new bulletins, 3 rated High and the rest Medium. Highest CVSSv3 score of 7.8
More info.
A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 7.5
More info.
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. CVSSv3 score of 7.5
More info.
SICK reported security vulnerabilities in a third-party library, Dropbear, that affects the SICK MARSIC 300 device. A successful exploitation of these vulnerabilities could lead to a remote code execution. CVSSv3 score of 9.8
More info.
Multiple vulnerabilities in third-party software may affect IBM Robotic Process Automation. Highest CVSSv3 score of 9.8
More info.
IBM QRadar Use Case Manager app is vulnerable to third-party software with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM Db2 is affected by multiple vulnerabilities in the included Expat 3rd party library. CVSSv3 score of 9.8
More info.
A potential security vulnerability in the OpenSSL Library may impact HPE IceWall products. The vulnerability could be exploited by a remote attacker resulting in a DoS.
More info.
Multiple vulnerabilities in open source components affect HCL Commerce. Highest CVSSv3 score of 9.8
More info. And here. And here.
Spring Security OAuth is susceptible to a DoS attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A remote attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, exhausting system resources. VMware rates this Critical.
More info.
Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components were found to contain vulnerabilities. Highest CVSSv3 score of 9.8
More info.
SUSE has updated the kernel, git, and others. More info.
OpenSUSE has updated the kernel. More info.
Comments