Google Monthly Patches are out for Pixel. New Alerts for Google Chrome for Desktop, Trend Micro, Adobe, Tigo Energy, CODESYS, IBM, and Linux.
Google
Google Monthly Patches for Pixel include 1 fixed vulnerability rated Critical and 2 rated High, plus Android updates.
More info.
Google has updated Chrome for Desktop to fix 12 security vulnerabilities.
More info.
Microsoft is aware. More info.
Trend Micro has released a mitigation tool to protect against recently discovered command injection remote code execution (RCE) vulnerabilities on Apex One Management Console (on-premise). CVSSv3 score of 9.4
More info.
Adobe has released an out-of-cycle security update for Adobe Experience Manager Forms on Java Enterprise Edition, addressing critical vulnerabilities that could lead to arbitrary code execution and arbitrary file system read. Highest CVSSv3 score of 10.
Adobe is aware that publicly available proof-of-concept exists.
More info.
Tigo Energy's Cloud Connect Advanced contain several vulnerabilities including Use of Hard-coded Credentials, Command Injection, Predictable Seed in PRNG. Highest CVSSv4 score of 9.3
No patches yet.
More info.
A vulnerability in the CODESYS Control runtime system's CmpDevice component allows a remote attacker to cause a DoS via specially crafted communication requests. CVSSv3 score of 7.5
More info.
IBM has published Critical bulletins for Application Performance Management, Security Guardium, and Tivoli Monitoring.
More info.
Linux
Red Hat has updated the kernel. More info.
AlmaLinux has updated the kernel. More info.
