New Alerts for IBM, SICK, HPE, Zyxel, and Tenable.
IBM
IBM Aspera Faspex could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. Highest CVSSv3 score of 9.8
More info.
NSS & NSPR vulnerabilities affect the IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 products. These vulnerabilities could allow a remote attacker to execute arbitrary code, on the system, to obtain sensitive information, or cause a DoS. Highest CVSSv3 score of 10.
More info.
The Flexi Soft Gateways FX0-GENT00000 v3 and FX0-GENT00010 v3 use the RK512 protocol to configure the Flexi Soft stations via an exposed TCP port on the Ethernet based gateways. A remote attacker can use this vulnerability as a permanent DoS attack or RCE. Highest CVSSv3 score of 9.1
More info.
Security vulnerabilities have been identified in HPE Serviceguard for Linux, including unauthenticated Java deserialization, pre‑authentication memory corruption, and Server Side request forgery vulnerabilities. Highest CVSSv3 score of 8.1
More info.
A security misconfiguration vulnerability exists in LTE3202-M437 and LTE3316-M604 due to a factory default login for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.
More info.
Tenable has published security updates for libcurl and Apache in tenable.sc. Highest CVSSv3 score of 9.8
More info. And here.
Comments