Oracle Quarterly Patches are out today. New Alerts for Cisco (Exploit), Paessler, IBM, and Linux.
Cisco Exploit
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet. This vulnerability allows a remote attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. CVSSv3 score of 10.
More info.
A Path Traversal vulnerability has been fixed in the PRTG webserver that could be leveraged without authentication. CVSSv3 score of 7.5
More info.
Oracle Critical Patch Update is out today. The pre-release lists 388 new security patches, with 219 remotely exploitable without authentication. Highest CVSSv3 score of 9.9
More info.
A vulnerability in pycrypto affects Integrated Analytics System. CVSSv3 score of 9.8
More info.
SUSE has updated the kernel. More info.
Red Hat has updated kpatch. More info.
Oracle Linux has updated the kernel. More info.
Comments