By michele654 on Wednesday, 02 August 2023
Category: Vulnerabilities

New Vulnerabilities Wednesday 02 August


New Alerts for APSystems, HPE, F5, Mozilla, GitLab, ZKTeco, and Linux.

APSystems 

OS command injection affects Altenergy Power Control software via shell metacharacters in the timezone parameter. CVSSv3 score of 9.8.
No response from vendor.
More info.

HPE 

Potential security vulnerabilities have been identified in HPE Fabric OS. These vulnerabilities could be remotely or locally exploited to allow multiple vulnerabilities. Highest CVSSv3 score of 9.8.
More info.

F5 

BIG-IP contains a vulnerability that allows a remote attacker with access to the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. CVSSv3 score of 9.8.
More info.

Mozilla 

Mozilla has updated Firefox and Firefox ESR to fix vulnerabilities rated High.
More info.

GitLab 

GitLab has fixed several vulnerabilities, including 2 DoS vulnerabilities. Highest CVSSv3 score of 7.5.
More info.

ZKTeco 

ZKTeco BioAccess IVS contains several vulnerabilities that allow a remote attacker to arbitrarily close and open the doors, read arbitrary files, obtain sensitive information, and perform code execution. Highest CVSSv3 score of 9.8.
More info. And here. And here. And here.

ZKTeco BioTime contains several vulnerabilities that allow a remote attacker to change the administrator password, access sensitive information, and write and read arbitrary files. Highest CVSSv3 score of 9.3.
More info. And here. And here. And here.

Linux 

OpenSUSE has updated the kernel. More info.
