New Alerts for Cisco, OpenSSL, HPE, Mitel, Automated Telematics, ModSecurity, and Linux.

Cisco 

Cisco has published 10 new bulletins. Highest CVSSv3 score of 8.6
More info.

OpenSSL 

Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate.
More info.

HPE 

Multiple security vulnerabilities have been identified in HPE NonStop SSH, NonStop SSL and MR-Win6530 products that could be exploited to allow RCE, DoS, disclosure of information, buffer overflow or script injection. Highest CVSSv3 score of 9.8
More info.

Mitel 

A path traversal vulnerability has been identified in the WebApl component of OpenScape Xpressions, which could allow a remote attacker to conduct a local file read within the system due to insufficient input sanitization. CVSSv3 score of 7.5
More info.

Assured Telematics 

Assured Telematics Fleet Management System contains a vulnerability that allow a remote attacker to gain sensitive file system information or obtain administrative credentials. Highest CVSSv4 score of 8.7
More info.

ModSecurity 

A DoS vulnerability has been identified in ModSecurity. CVSSv3 score of 7.5
More info.

Linux 

SUSE has updated ucode-intel. More info.
OpenSUSE has updated ucode-intel. More info.
Oracle Linux has updated the kernel. More info.
AlmaLinux has updated the kernel and kernel-rt. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts