
CND News and Blog

New Vulnerabilities Wednesday 13 March


Monthly Patches are out for Microsoft, Adobe, and Fortinet. New Alerts for Google Chrome, Bosch, Citrix, Hitachi, IBM, Intel, and Linux. Tomorrow may be Palo Alto Monthly Patches.

Microsoft 

Microsoft Monthly Patches include 61 vulnerabilities. Two are rated Critical. Highest CVSSv3 score of 9.8
More info. And here.

Adobe 

Adobe Monthly Patches include updates for Experience Manager, Premiere Pro, ColdFusion, Bridge, Lightroom, and Animate. Highest CVSSv3 score of 8.6
More info.

Fortinet 

Fortinet Monthly Patches include 8 bulletins for FortiOS and FortiProxy, FortiPortal, FortiWLM MEA for FortiManager, and FortiClientEMS. Highest CVSSv3 score of 9.3
More info.

Out-of-bounds (OoB) write and stack-based buffer overflow vulnerabilities in the FortiOS & FortiProxy captive portal may allow an attacker who has access to the captive portal to execute arbitrary code or commands via specially crafted HTTP requests. CVSSv3 score of 9.3
More info.

An improper neutralization of formula elements in a CSV file vulnerability in FortiClientEMS may allow a remote attacker to execute arbitrary commands on the admin workstation by creating malicious log entries with crafted requests to the server. CVSSv3 score of 8.7
More info.

An improper access control vulnerability in FortiWLM MEA for FortiManager may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. CVSSv3 score of 7.7
More info.

A SQL Injection vulnerability in FortiClientEMS may allow a remote attacker to execute unauthorized code or commands via specifically crafted requests. CVSSv3 score of 9.3
More info.

Google 

Google has updated Chrome for Desktop to fix 3 security vulnerabilities.
More info.

Bosch 

The RPS and RPS-LITE operator and communication process contain several vulnerabilities, including hardcoded credentials. Highest CVSSv3 score of 7.3
More info.

Citrix 

SD-WAN contains a vulnerability that allows a remote attacker to disclose limited information from the appliance. CVSSv3 score of 6.5
This requires access to the management interface.
More info.

Hitachi 

Several vulnerabilities affect Cosminexus products.
More info.

IBM 

IBM QRadar SIEM includes vulnerable components. Highest CVSSv3 score of 9.1
More info.

Vulnerabilities were addressed in IBM Observability with Instana. CVSSv3 score of 9.8
More info. And here.

Intel 

A security vulnerability in the bus lock regulator mechanism for some processors may allow DoS. CVSSv3 score of 6.5
More info.

HPE ProLiant DL/ML and MicroServer are affected. More info.
HP is affected as well. More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.


