New Alerts for Citrix, Welotec, Hitachi Energy, Delta, HPE, and TRUMPF.
Citrix
Multiple vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway. Highest CVSSv4 score of 9.2.
More info.
Welotec
The JWT secret key is embedded in the egOS WebGUI backend and is readable by the default user. Because the cryptographic key is hard-coded, a remote attacker can generate valid HS256 tokens and bypass authentication and authorization. CVSSv3 score of 9.8.
More info.
Hitachi Energy
Hitachi Energy is aware of a remote code execution vulnerability that affects the Oracle WebLogic component in Service Suite, allowing a remote attacker to cause confidentiality, integrity and availability impacts. CVSSv3 score of 9.8.
More info.
Multiple reported vulnerabilities affect Asset Suite and can potentially impact the confidentiality, integrity and availability of the product. Highest CVSSv3 score of 7.8.
More info.
Delta
Delta's COMMGR contains stack-based buffer overflow and code injection vulnerabilities. Highest CVSSv3 score of 8.6.
More info.
HPE
Security vulnerabilities have been identified in HP-UX PAM RADIUS that may cause denial of service, cross-site request forgery and buffer overflow. Highest CVSSv3 score of 9.0.
More info.
TRUMPF
The TRUMPF remote support infrastructure selects an outdated encryption algorithm when setting up communication channels for machines. This cannot be prevented for old machines. For most machines it is possible to change the encryption settings. CVSSv3 score of 7.5.
More info.