Quarterly Patches for Oracle are out this afternoon. Pre-release notice is available. New Alerts for Mitsubishi Electric, IBM, and Linux.
Mitsubishi Electric
An authorization bypass vulnerability exists in the WEB server function of the MELSEC iQ-F/iQ-R Series. An unauthenticated remote attacker may be able to access the WEB server function by guessing the random numbers used for authentication from several used random numbers. CVSSv3 score of 5.9
More info.
Oracle Quarterly Patches are expected out this afternoon. The pre-release notice lists 323 new security patches, with 216 being remotely exploitable without authentication. Highest CVSSv3 score of 9.9
More info.
Vulnerabilities in libExpat affect IBM Tivoli Network Manager IP Edition. CVSSv3 score of 9.8
More info.
Red Hat has updated the kernel. More info.
Comments