Monthly Patches are out for Microsoft and Adobe. New Alerts for AUMA, Hitachi Energy, Citrix, Salt, and Linux. Palo Alto Monthly Patches are expected out this afternoon.
Microsoft
Microsoft Monthly Patches are out, with 60 patched vulnerabilities, 3 rated Critical. This includes a patch for the "Follina" MSDT vulnerability. Highest CVSSv3 score of 9.8
More info. And here. And here.
A vulnerability affecting Windows Network File System allows a remote attacker to perform remote code execution. This vulnerability is not exploitable in NFSV2.0 or NFSV3.0. CVSSv3 score of 9.8
More info.
Microsoft has also updated Edge with the latest Chromium security fixes.
More info.
Adobe has published their Monthly Patches, with bulletins for Animate, Bridge, Illustrator, InCopy, InDesign, and RoboHelp Server. All the updates but RoboHelp Server patch Critical vulnerabilities that allow arbitrary code execution. Highest CVSSv3 score of 7.8
More info.
Improper buffer restrictions in the webserver used in SIMA Master Station software may allow a remote attacker to stop the cyclic program on the device and cause a DoS. CVSSv3 score of 8.6
More info.
Hitachi Energy has fixed a vulnerability in the Actbar2.ocx module that affects the PROMOD IV product. An attacker who successfully exploited this vulnerability could delete arbitrary files once the system is compromised. CVSSv3 score of 9.3
Note the CVE is from 2010.
More info.
Vulnerabilities have been discovered in Citrix Application Delivery Management that could result in corruption of the system by a remote attacker leading to the reset of the administrator password at the next device reboot and temporary disruption of the ADM license service.
More info.
A critical vulnerability has been discovered in Salt, with expected patches available on June 21st.
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Oracle Linux has updated the kernel and microcode. More info.