CND News and Blog

New Vulnerabilities Tuesday 17 January

michele654 Vulnerabilities Tuesday, 17 January 2023 781 Hits 0 Comments

Quarterly Patches for Oracle are out this afternoon. Pre-release notice is available. New Alerts for Mitsubishi Electric, IBM, and Linux.

Mitsubishi Electric

An authorization bypass vulnerability exists in the WEB server function of the MELSEC iQ-F/iQ-R Series. An unauthenticated remote attacker may be able to access the WEB server function by guessing the random numbers used for authentication from several used random numbers. CVSSv3 score of 5.9
More info.

Oracle

Oracle Quarterly Patches are expected out this afternoon. The pre-release notice lists 323 new security patches, with 216 being remotely exploitable without authentication. Highest CVSSv3 score of 9.9
More info.

IBM

Vulnerabilities in libExpat affect IBM Tivoli Network Manager IP Edition. CVSSv3 score of 9.8
More info.

Linux

Red Hat has updated the kernel. More info.

Report Print

About the author

michele654

Author's recent posts

Comments

No comments made yet. Be the first to submit a comment

CND News and Blog

New Vulnerabilities Tuesday 17 January

Security Wizardry Cyber Threat Intelligence - The Radar Page

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

SecurityWizardry.com - Vulnerability Details

About the author

michele654

Author's recent posts

Comments

Other Pages