New Alerts for VMware, CISA ICSNPP, Atlassian, UI, Mozilla, Google Chrome, and Linux.
VMware
Arbitrary Authentication Relay and Session Hijack vulnerabilities exist in the deprecated VMware Enhanced Authentication Plug-in. Remove plugin. CVSSv3 score of 9.6
More info.
ICSNPP - Ethercat Plugin for Zeek put out by CISA contains 2 vulnerabilities, including OOB Write/Read. CVSSv3 score of 9.8
More info. And here.
Atlassian has published a security bulletin covering 11 high severity vulnerabilities in their products.
More info.
A malformed discovery packet sent by a remote attacker could interrupt the functionality of device management and discovery on UniFi AP, UniFi Switch, UniFi LTE Backup and UniFi Express devices. CVSSv3 score of 7.5
More info.
Mozilla has published security updates for Thunderbird, Firefox, and Firefox ESR, all rated High.
More info.
Google has updated Chrome for Desktop to fix 12 security vulnerabilities.
More info.
Ubuntu has updated the kernel. More info.
Comments