Microsoft Exploit
Microsoft has updated Edge to address the latest Chromium vulnerabilities. Exploits are in the wild.
More info.
FESTO Hardware Controller and Hardware Servo Press Kit contain several vulnerabilities that could allow a remote attacker to execute unauthorized system commands with root privileges. Highest CVSSv3 score of 9.8.
More info. And here.
FESTO and FESTO Didactic CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, and MES-PC contain a vulnerability that allows a remote attacker to gain full control of the host system, including remote code execution. CVSSv3 score of 9.8.
No patch available.
More info.
Voltronic Power Viewpower and PowerShield NetGuard contain vulnerabilities that allow a remote attacker to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code. CVSSv3 score of 9.8.
No patch from Voltronic Power; PowerShield has patches available.
More info.
Contec has identified several vulnerabilities in its CHS Web HMI/SCADA software that allow a remote attacker to steal and tamper with data, execute malicious programs that could result in destruction of the system, and deactivate certain functions. Highest CVSSv3 score of 6.1.
More info.
In ModSecurity, if the variable SecParseXmlIntoArgs is set to On or OnlyArgs, the request type is application/xml, and at least one XML tag is empty, then a segmentation fault occurs. CVSSv3 score of 6.5.
More info.
IBM has published Critical bulletins for Business Automation Workflow, Cloud Pak for Data, and PowerVC.
More info.
Red Hat has updated the kernel. More info.
AlmaLinux has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page