Skip to main content

CND News and Blog

New Vulnerabilities Wednesday 24 May


New Alerts for Netgate, Hitachi Energy, Bosch, GitLab, Dell, and Linux.

Netgate 

An IPv6 packet larger than the MTU on an interface can lead to a kernel panic in pf, resulting in a DoS.
More info.

Hitachi Energy 

Multiple vulnerabilities in the libexpat affect the AFS65x, AFS66x, AFS67x, AFR67x and AFF66x series products. Highest CVSSv3 score of 9.8
Mitigations only, patches are coming. Some products are EoL.
More info.

Bosch 

Video Management System, Access Management System, and Building Integration System are using a vulnerable version of the Microsoft .NET package. A remote code execution vulnerability exists due to how text encoding is performed. CVSSv3 score of 9.8
More info.

GitLab 

GitLab CE/EE contains a path traversal vulnerability that allows a remote attacker to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. CVSSv3 score of 10
More info.

Dell 

PowerEdge T30 and T40 Mini Tower contains a vulnerability in Tianocore EDK2. CVSSv3 score of 9.8
More info.

Linux 

Red Hat has updated the kernel. More info.
Oracle Linux has updated the kernel and many others. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 29 March 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/