Skip to main content

CND News and Blog

New Vulnerabilities Wednesday 22 January


Quarterly Patches are out for Oracle. New Alerts for phpMyAdmin, OVN, Mitel, I-O Data, Node.js, HAProxy, and Linux.

Oracle 

Quarterly Patches include fixes for 318 vulnerabilities, 184 remotely exploitable without authentication. Highest CVSSv3 score of 9.9
More info.

phpMyAdmin 

Three new bulletins have been published, identifying a DoS and XSS vulnerabilities.
More info.

OVN 

OVN is vulnerable to allowing crafted UDP packets to bypass egress ACL rules. This can result in unauthorized access to virtual machines and containers running on the OVN network.
More info.

Mitel 

Mitel has published 2 new bulletins affecting MiContact Center Business and OpenScape 4000.
More info.

I-O Data 

I-O Data has updated UD-LT2 hybrid router to fix 3 security vulnerabilities. Highest CVSSv3 score of 7.5
More info. And here.

Node.js 

Three vulnerabilities, 1 rated High and 2 rated Medium, have been fixed in the latest verson.
More info.

HAProxy 

HAProxy Fusion has been patched for rsync.
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.
Red Hat has updated the kernel. More info.
Mageia has updated rsync. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/