Monthly Patches are out for Microsoft, Adobe, and Atlassian. New Alerts for Google Chrome, MOBATIME, Apache Struts, and Linux.

Microsoft Exploit

Monthly Patches are out with fixes for 71 vulnerabilities, 16 are considered Critical, 1 is being exploited with details publicly available. Highest CVSSv3 score of 9.8
More info. And here.

Microsoft is aware of the latest updates in Chromium. More info.

Adobe 

Monthly Patches include updates for Experience Manager, Acrobat and Reader, Media Encoder, Illustrator, After Effects, Animate, InDesign, PDFL SDK, Connect, Substance 3D Sampler, Photoshop, Substance 3D Modeler, Bridge, Premier Pro, Substance 3D Painter, and FrameMaker. Highest CVSSv4 score of 9.3.
More info.

Google 

Google has updated Chrome for Desktop with 3 security fixes.
More info.

Microsoft is aware. More info.

MOBATIME 

MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials. CVSSv4 score of 9.3
More info.

Atlassian 

Atlassian has published Monthly Patches for Bamboo Data Center and Server, Bitbucket Data Center and Server, and Confluence Data Center and Server. Highest CVSSv3 score of 8.1
More info.

Apache 

Struts file upload logic is flawed, and allows an attacker to enable paths with traversals.
More info.

Linux 

Ubuntu has updated the kernel and microcode. More info.
Amazon Linux 2023 has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts