Skip to main content

CND News and Blog

New Vulnerabilities Tuesday 01 October


New Alerts for Diffie-Hellman, Splunk, Hitachi, F5, IBM, and Juniper Networks.

Diffie-Hellman 

D(HE)at Attack allows a remote attacker to overheat the CPU with computations, resulting in a DoS.
More info.

Splunk 

Splunk has updated the plug-in for AWS to fix a DoS.
More info.

Hitachi 

Cosminexus Component Container has been updated to fix an Apache Tomcat DoS. CVSSv3 score of 7.5
More info.

F5 

F5 has updated Traffix SDC to fix a vulnerability in Jinja that allows a remote attacker to bypass auto-escaping and potentially circumvent attribute validation checks. CVSSv3 score of 5.4
More info.

IBM 

Multiple vulnerabilities affect IBM Db2 on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data. Highest CVSSv3 score of 9.8
More info.

IBM Cloud Pak for Data is vulnerable to a variety of issues due to 3rd party software. Highest CVSSv3 score of 9.8
More info.

Instana Observability is vulnerable to SQL injection due to PostgreSQL driver and toolkit for Go, known as pgx. CVSSv3 score of 9.8
More info.

Juniper Networks 

Juniper has updated several products for BlastRADIUS. CVSSv4 score of 7.1
More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 04 October 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/