Atlassian has published Monthly Patches. New Alerts for TP-Link, AutomationDirect, Vertiv, BIND, Arista, and Linux.
TP-Link
A stack-based buffer overflow vulnerability on the TP-Link Archer AX50 router allows a remote attacker to execute arbitrary code on the device over LAN and WAN networks. CVSSv4 score of 9.2
More info.
AutomationDirect MB-Gateway contains a Missing Authentication in Critical Function vulnerability. CVSSv3 score of 10
Replacement of the device is the only option.
More info.
Vertiv Liebert RDU101 and UNITY contains 2 vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer Overflow. Highest CVSSv4 score of 9.3
More info.
Atlassian has published Monthly Patches for Bamboo Data Center and Server, Confluence Data Center and Server, Jira Data Center and Server, Fisheye/Crucible, and Jira Service Managment Data Center and Server. Highest CVSSv3 score of 7.5
More info.
BIND has published a bulletin for a vulnerability that allows a remote attacker to use DNS message with invalid TSIG to cause an assertion failure. CVSSv3 score of 7.5
More info.
Arista EOS UDP traffic may be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries. |CVSSv3 score of 6.5
More info.
SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
