New Alerts for Cisco, Mitsubishi Electric, GitLab, Johnson Controls, and Linux.

Cisco

Cisco has published 10 new bulletins, 2 rated High and 8 rated Medium. Highest CVSSv3 score of 7.4
More info.

A vulnerability in the vKVM connection handling of Integrated Management Controller could allow a remote attacker to redirect a user to a malicious website. CVSSv3 score of 7.1
More info.

Mitsubishi Electric

Information disclosure, information tampering, and Denial of Service (DoS) vulnerabilities exist in MELSEC iQ-F series CPU module. Highest CVSSv3 score of 7.5
There are no plans to fix this, use a firewall!
More info. And here.

GitLab

GitLab has published a patch update that fixes 4 security vulnerabilities, all rated Medium. Highest CVSSv3 score of 6.5
More info.

Johnson Controls

Multiple input validation issues exist in the iSTAR Configuration Utility (ICU) tool. CVSSv3 score of 7.5
No patches yet.
More info.

Linux

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts