New Alerts for VMware, CISA ICSNPP, Atlassian, UI, Mozilla, Google Chrome, and Linux.

VMware 

Arbitrary Authentication Relay and Session Hijack vulnerabilities exist in the deprecated VMware Enhanced Authentication Plug-in. Remove plugin. CVSSv3 score of 9.6
More info.

CISA 

ICSNPP - Ethercat Plugin for Zeek put out by CISA contains 2 vulnerabilities, including OOB Write/Read. CVSSv3 score of 9.8
More info. And here.

Atlassian 

Atlassian has published a security bulletin covering 11 high severity vulnerabilities in their products.
More info.

UI 

A malformed discovery packet sent by a remote attacker could interrupt the functionality of device management and discovery on UniFi AP, UniFi Switch, UniFi LTE Backup and UniFi Express devices. CVSSv3 score of 7.5
More info.

Mozilla 

Mozilla has published security updates for Thunderbird, Firefox, and Firefox ESR, all rated High.
More info.

Google 

Google has updated Chrome for Desktop to fix 12 security vulnerabilities.
More info.

Linux 

Ubuntu has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts