New Alerts for Cisco, Lexmark, HCL Software, and Linux.

Cisco 

Cisco has published 4 new bulletins, 3 rated High and 1 Medium. Highest CVSSv3 score of 8.8
More info.

A vulnerability in the OSPF feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 8.6
More info.

Lexmark 

Several models of Lexmark printers contain a vulnerable version of jQuery that can lead to a DoS or RCE. CVSSv3 score of 6.1
More info.

HCL Software 

HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking. CVSSv3 score of 5.9
More info.

HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc CVSSv3 score of 6.1
More info.

Linux 

Red Hat has updated rsync and systemd. More info.
Oracle Linux has updated rsync. More info.
Ubuntu has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts