Monthly Patches are out for Schneider Electric, Siemens, and SAP. New Alerts for HPE, Citrix, Zoom, and Linux. Monthly Patches for Microsoft and Adobe are expected this afternoon, and Palo Alto expected tomorrow.
Schneider Electric
Monthly Patches include 4 new bulletins, all remotely exploitable without authentication, and 2 updated bulletins. Of the new bulletins, highest CVSSv4 score of 10
More info.
Monthly Patches include 12 new bulletins and 13 updated bulletins. Of the new bulletins, highest CVSSv4 score of 10.
More info.
TeleControl Server Basic contains a deserialization vulnerability allows a remote attacker to execute arbitrary code. CVSSv4 score of 10.
More info.
SAP Monthly Patches include 8 new and 2 updated Security Notes. Highest CVSSv3 score of 8.8
More info.
A security vulnerability has been identified in the HP-UX NTP service that allows a remote attacker to achieve DoS, unauthorized write access to the file system, and null pointer dereference. Highest CVSSv3 score of 6.4
More info.
Security vulnerabilities in HPE Cray servers could allow a remote attacker to achieve remote buffer overflow and DoS. Highest CVSSv3 score of 8.3
More info.
Two vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway. Highest CVSSv4 score of 8.4
More info.
Improper input validation in some Zoom Apps may allow a remote attacker to conduct a disclosure of information. Highest CVSSv3 score of 8.1
More info.
Ubuntu has updated the kernel. More info.
