New Alerts for Megasys Enterprises, HPE, Extreme Networks, Mozilla, OpenSSL, Hitachi Energy, and Linux.

Megasys Enterprises

Megasys Enterprises Telenium Online Web Application contains an OS Command Injection vulnerability. CVSSv4 score of 9.3
More info.

HPE

Four security vulnerabilities had been identified in Telco Service Orchestrator software rhR could be remotely exploited causing Unauthenticated Disclosure of Information, SQL Injection, DoS, and Allocation of Resources Without Limits or Throttling. Highest CVSSv3 score of 10.
More info.

Extreme Networks

Extreme Networks has published 2 new security bulletins identifying an Authentication Bypass vulnerability in Fabric Engine (VOSS) AutoSense and an Unauthenticated Brute Force vulnerability in ExtremeGuest Essentials Captive Portal.
More info. And here.

Mozilla

Mozilla has published security updates for Firefox and Firefox iOS.
More info.

OpenSSL

OpenSSL has been patched to fix 3 vulnerabilities, 2 rated Moderate and 1 rated Low.
More info. And here.

Hitachi Energy

Hitachi Energy has patched vulnerabilities in open-source software included in the MSM Product. Highest CVSSv3 score of 7.5
More info.

Linux

Red Hat has updated the kernel and kernel-rt. More info.
AlmaLinux has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts