Monthly Patches are out for Microsoft and Adobe. New Alerts for Adminer, Google (Chrome for Desktop), TIBCO, Phoenix Contact, Mitsubishi Electric, curl, and Linux.
Microsoft
Microsoft Monthly Patches are out, with 75 vulnerabilities. Of these, 8 are Critical, 3 were previously disclosed, and one is already being exploited. Highest CVSSv3 score of 9.8
More info. And here. And here.
Windows Network File System and Windows LDAP contain remotely exploitable RCE vulnerabilities. CVSSv3 score of 9.8
More info. And here.
Adobe Monthly Patches include updates Critical vulnerabilities in Character Animator, ColdFusion, InDesign, Framemaker, and InCopy.
More info.
Adminer database management tool used in Industrial products contains a vulnerability that allows a remote attacker to read database credentials and steal data. CVSSv3 score of 7.5
More info.
Google has published an update for Chrome for Desktop with 13 security fixes.
More info.
Microsoft is aware and working on chromium-based Edge. More info.
Phoenix Contact RAD-ISM-900-EN-BD devices use third-party software with multiple vulnerabilities. CVSSv3 score of 9.1
More info.
TIBCO Managed File Transfer Command Center and Internet Server contain a XXE vulnerability exploitable by remote attackers. CVSSv3 swcore of 8.6
More info.
Information disclosure and DoS vulnerabilities due to out-of-bounds read and integer overflow in OpenSSL exist in the MELSOFT GT OPC UA Client. Highest CVSSv3 score of 7.5
More info.
curl has several Medium and Low vulnerabilities that have been fixed in the latest release.
More info.
Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.
Comments