Skip to main content

CND News and Blog

New Vulnerabilities Wednesday 11 September


Monthly Patches are out for Microsoft (0-Days), Adobe, and F5. New Alerts for Ivanti, Carrier (Viessmann), Google Chrome, and Linux.

Microsoft 0-Day

Microsoft Monthly Patches are out, with 79 vulnerabilities, 7 rated Critical and 4 are 0-days currently being exploited. Highest CVSSv3 score of 9.8
More info. And here.

Microsoft recently updated the Edge page to show updates for the latest chromium vulnerabilities, although the dates were more than a week in the past.
More info.

Adobe 

Adobe Monthly Patches include updates for Media Encoder, Audition, After Effects, Premiere Pro, Illustrator, Reader, ColdFusion, and Photoshop. Highest CVSSv3 score of 9.8
More info.

ColdFusion has been updated to fix a RCE vulnerability. CVSSv3 score of 9.8
More info.

F5 

F5 has published 10 new bulletins, 4 of which are exploitable remotely without authentication. Of those 4, the highest CVSSv3 score is 6.9
More info.

Ivanti 

Ivanti has released updates for Ivanti Endpoint Manager 2024 and 2022 which addresses medium and high vulnerabilities. Successful exploitation could lead to unauthorized access to the EPM core server. Highest CVSSv3 score of 10.
More info.

Carrier 

Viessmann Vitogate 300 contains several vulnerabilities, including Use of Hard-coded Credentials, Forced Browsing, Command Injection. Highest CVSSv3 score of 9.3
More info. And here.

Google 

Google has updated Chrome for Desktop to fix 5 security vulnerabilities.
More info.

Linux 

SUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/