Monthly Patches are out for Microsoft (0-Days), Adobe, and F5. New Alerts for Ivanti, Carrier (Viessmann), Google Chrome, and Linux.
Microsoft 0-Day
Microsoft Monthly Patches are out, with 79 vulnerabilities, 7 rated Critical and 4 are 0-days currently being exploited. Highest CVSSv3 score of 9.8
More info. And here.
Microsoft recently updated the Edge page to show updates for the latest chromium vulnerabilities, although the dates were more than a week in the past.
More info.
Adobe Monthly Patches include updates for Media Encoder, Audition, After Effects, Premiere Pro, Illustrator, Reader, ColdFusion, and Photoshop. Highest CVSSv3 score of 9.8
More info.
ColdFusion has been updated to fix a RCE vulnerability. CVSSv3 score of 9.8
More info.
F5 has published 10 new bulletins, 4 of which are exploitable remotely without authentication. Of those 4, the highest CVSSv3 score is 6.9
More info.
Ivanti has released updates for Ivanti Endpoint Manager 2024 and 2022 which addresses medium and high vulnerabilities. Successful exploitation could lead to unauthorized access to the EPM core server. Highest CVSSv3 score of 10.
More info.
Viessmann Vitogate 300 contains several vulnerabilities, including Use of Hard-coded Credentials, Forced Browsing, Command Injection. Highest CVSSv3 score of 9.3
More info. And here.
Google has updated Chrome for Desktop to fix 5 security vulnerabilities.
More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
