New Alerts for Rockwell Automation, IBM, HP, BIND, and Linux.

Rockwell Automation 

A vulnerability in the ThinManager ThinServer software could allow an attacker to make the software unresponsive or execute arbitrary code. CVSSv3 score of 8.1.
More info.

IBM 

PostgreSQL is shipped with IBM Tivoli Netcool Impact and contains security vulnerabilities. Highest CVSSv3 score of 9.8.
More info.

HP 

Certain HP Print Products are potentially vulnerable to buffer overflow and/or RCE. Highest CVSSv3 score of 9.8.
More info.

BIND 

The DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch, resulting in a DoS over time. CVSSv3 score of 7.5.
More info. And here.

The BIND 9 resolver can crash when stale cache and stale answers are enabled, the option stale-answer-client-timeout is set to 0, and there is a stale CNAME in the cache for an incoming query. CVSSv3 score of 7.5.
More info.

Changes between OpenSSL 1.x and OpenSSL 3.0 expose a flaw in named that causes a small memory leak in key processing when using TKEY records in Diffie-Hellman mode. CVSSv3 score of 7.5.
More info.

A flaw in the resolver code can cause named to spend excessive time processing large delegations. CVSSv3 score of 5.3.
More info.

Linux 

Oracle Linux has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.