New Alerts for Enphase, SICK, IBM, BIND, Xerox, and Linux.

Enphase 

Enphase Installer Toolkit has hard coded credentials embedded in binary code in the Android application. A remote attacker can exploit this and gain access to sensitive information. CVSSv3 score of 8.6
More info.

SICK 

Vulnerabilities exist in the SICK EventCam App, that can be accessed via Ethernet. This allows a remote attacker to impact availabiltiy, integrity and confidentaility of the EventCam App. CVSSv3 score of 9.8
More info.

IBM 

Operations Dashboard is vulnerable to multiple vulnerabilities in Golang. Vulnerabilities include code injection and denial of service. Highest CVSSv3 score of 9.8
More info.

There is a vulnerability in Apache Commons BCEL used by IBM Maximo Asset Management. CVSSv3 score of 9.8
More info.

IBM Aspera Faspex has addressed multiple vulnerabilities. Highest CVSSv3 score of 9.9
More info.

BIND 

ISC has published 3 security patches for BIND fixing vulnerabilities that could allow a DoS. CVSSv3 score of 7.5
More info.

Xerox 

Xerox has published an update for FreeFlow Print Server v2 that updates third-party software that is included.
More info.

Linux 

Red Hat has updated kpatch. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts