Quarterly Patches are expected for Oracle this afternoon. New Alerts for Rockwell Automation, IBM, NetApp, Veritas, Citrix (Exploit), and Linux.
Rockwell Automation
The Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing. On an impacted device, new ENIP connections cannot be established, which prevents the device from operating and results in a denial of service (DoS). CVSSv3 score of 7.5.
More info.
The Oracle quarterly Critical Patch Update is out this afternoon. The pre-release announcement lists 503 security patches, 366 of which are exploitable without authentication. Highest CVSSv3 score of 9.8.
More info.
Multiple security vulnerabilities related to third-party components have been addressed in IBM Security Verify Governance. Highest CVSSv3 score of 9.8.
More info. And here.
NetApp has published 7 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8. 4 have patches available.
More info.
The NetBackup BPCD process inadequately validates the file path, allowing a remote attacker to upload and execute a custom file. CVSSv3 score of 9.8.
More info.
Multiple vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway. Highest CVSSv3 score of 9.8.
Exploits have been observed.
More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.