New Alerts for Zyxel, Festo, F5, NETGEAR, Hitachi Energy, Xerox, Apache Tomcat, and Linux.
Zyxel
Zyxel Firewall and AP products contain several vulnerabilities, one of which could be exploited by a remote attacker to trigger a DoS. CVSSv3 score of 7.5
More info.
Festo products use WIBU CodeMeter Runtime. A remote attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server. CVSSv3 score of 9.8
All products but Automation Suite have fixes.
More info.
BIG-IP, F5OS, and Traffix SDC use APR-util that could allow a remote attacker to overwrite memory beyond the intended buffer. Highest CVSSv3 score of 6.5
Only patches for F5OS so far.
More info.
A sensitive information disclosure security vulnerability exists in Prosafe NMS300. CVSSv3 score of 9.8
More info.
Hitachi Energy's OSS component Cyrus SASL contains a vulnerability that affects the SDM600 product. A remote attacker could cause a DoS. CVSSv3 score of 7.5
More info.
Hitachi Energy's Web server and HCI IEC 60870-5-104 component contain vulnerabilities that affects RTU500. A remote attacker could perform cross-site scripting on web server or a DoS. Highest CVSSv3 score of 6.0
More info.
Xerox has published an update for FreeFlow Print Server that includes Microsoft, Java, Firefox, and Apache security fixes.
More info.
Tomcat contains a request smuggling vulnerability that could cause Tomcat to treat a single request as multiple requests. CVSSv3 score of 5.3
More info.
Red Hat has updated the kernel. More info.
Comments