Skip to main content

CND News and Blog

New Vulnerabilities Tuesday 27 September


New Alerts for Advantech, Veritas, NetApp, and Linux.

Advantech 

An SQL injection vulnerability in Advantech iView. An unauthenticated remote attacker bypass checks to perform SQL injection. For example, the attacker can exploit the vulnerability to retrieve the iView admin password. CVSSv3 score of 9.8
More info.

Veritas 

The NetBackup Primary server is vulnerable to Path traversal, DoS, and XXE injection attacks through the DiscoveryService service. CVSSv3 score of 5.3
More info.

The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service. CVSSv3 score of 9.0
More info.

NetApp 

SnapCenter shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented. CVSSv3 score of 3.1
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 26 April 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/