Quarterly Patches are out for Splunk. New Alerts for D-Link, Roundcube, BD, IBM, HPE, Mozilla, and Linux.
D-Link
DIR-3040 contains a stack-based overflow vulnerability that coule elevate to multiple attack vectors, allowing RCE. CVSSv3 score of 9.8
More info.
Splunk Quarterly Patches are out, with 11 bulletins, 9 rated High and 2 rated Medium. Highest CVSSv3 score of 9.8
More info.
The Password Recovery Plugin contains 2 vulnerabilities that can be exploited to enumerate users and change an existing user's password. Highest CVSSv3 score of 7.5
No solution at this time.
More info.
BD has published security patches to fix third-party vulnerabilities in FACSymphony A1/A3/A5 Systems and FACS Sample Prep Assistant Systems,
More info.
Multiple vulnerabilities in exist IBM Storage Defender – Data Protect. Highest CVSSv3 score of 9.3
More info.
Multiple vulnerabilities exist in CloudPak for Watson AIOps. Highest CVSSv3 score of 9.8
More info.
Potential security vulnerabilities has been identified in HPE Cloudline CL4150 BMC firmware. These vulnerabilities could be exploited to allow remote buffer overflow, code execution, arbitrary code execution and escalation of privilege. Highest CVSSv3 score of 9.9
More info.
Multiple security vulnerabilities have been identified in the B-Series SANnav Management Portal and SANnav Global View. The vulnerabilities could be exploited to disclose sensitive information, perform unauthorized access and modification of data, cause DoS, perform RCE, cause buffer overflow, bypass authentication and escalate privilege. Highest CVSSv3 score of 9.8
More info.
Mozilla has published security updates for Thunderbird rated High.
More info.
Oracle Linux has updated the kernel. More info.
Scientific Linux has updated the kernel. More info.
Comments