CND News and Blog
New Alerts for Siemens, Trellix, Moxa, IBM, and Linux. Siemens RUGGEDCOM APE1808 uses Palo Alto Networks PAN-OS. Highest CVSSv4 score of 9.3No patches yet.More info. Trellix Enterprise Security Manager has been updated to resolve several security vulnerabilities.More info. Moxa Multiple Moxa Ethernet switches are affected by the s...
New Alerts for Microsoft Edge, BD, Automated Logic, QNAP, mySCADA, NetApp, and Linux. Microsoft Microsoft has updated Edge with the latest chromium updates and one Edge-specific fix.More info. BD BD has implemented October patches from Microsoft into IDM, Pyxis, Data Agent, CCE, and Alaris.More info. Automated Logic WebCTRL ...
New Alerts for Wireshark, PHP, IBM, and Linux. Wireshark Two DoS vulnerabilities have been patched in Wireshark.More info. PHP Several security vulnerabilities have been fixed in the latest versions of PHP.More info. IBM Critical bulletins have been published for QRadar SIEM, Robotic Process Automation, Planning Analytics Workspac...
Monthly Patches are out for Atlassian. New Alerts for Google Chrome, Apple (Exploit), Spring, M-Files, Dell, and Linux. Google Google has updated Chrome for Desktop to fix 3 security vulnerabilities.More info. Atlassian Monthly Patches include fixes for Bamboo, Bitbucket, Confluence, Crowd, Jira, Jira Service Management, Sourcetree for ...
New Alerts for Palo Alto Networks (fix for Exploit), Oracle, Mitsubishi Electric, Synology, Westermo, and Linux. Palo Alto Networks Palo Alto Networks has patched a previously reported and exploited unauthenticated RCE vulnerability. CVSSv4 score of 9.3More info. Oracle Agile Product Lifecycle Management contains a vulnerability that al...
New Alerts for Veritas, Palo Alto Networks (Exploit), Dell, HPE, and Citrix (Exploit). Veritas Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP ports can be exploited due to vulnerabilities that are inherent to the .NET Remoting service...
New Alerts for Blackberry, Baxter, Microsoft Edge, Spring, NetApp, IBM, and Linux. Blackberry Multiple vulnerabilities in SecuSUITE Server could allow a remote attacker to enroll an attacker-controlled device to the victim's account and telephone number or inject script commands or other executable content into the server that would run with ...
Monthly Patches are out for Palo Alto Networks. New Alerts for Apache Traffic Server, Siemens, Dell, Mozilla, GitLab, and Linux. Palo Alto Networks Monthly Patches are out with 9 bulletins, 1 rated High, 4 rated Medium, and 4 rated Low. Several bulletins address DoS vulnerabilities in the firewall. Highest CVSSv3 score of 8.6More info. Apache...
Monthly Patches are out for Microsoft (Exploit), Adobe, and Fortinet. New Alerts for Ivanti, Google Chrome, Westermo, Rockwell Automation, HPE, Broadcom, and Linux. Microsoft Exploit Monthly Patches are out with 83 vulnerabilities, 3 rated Critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Highest...
Monthly Patches are out for Schneider Electric, Siemens, and SAP. New Alerts for HPE, Citrix, Zoom, and Linux. Monthly Patches for Microsoft and Adobe are expected this afternoon, and Palo Alto expected tomorrow. Schneider Electric Monthly Patches include 4 new bulletins, all remotely exploitable without authentication, and 2 updated bulletin...
New Alerts for Dell, GE HealthCare, Extreme Networks, and Linux. Dell Dell has published Critical updates for NetWorker, APEX Cloud Platform, Metro node, and VxRail.More info. GE HealthCare A limited number of GE HealthCare products are impacted by vulnerabilities in Mirth Connect from 2023. CVSSv3 score of 9.8More info. Extreme N...
New Alerts for Synology, NETGEAR, SICK, Microsoft Edge, Moxa, and NetApp. Synology Synology has published 6 new bulletins identifying vulnerabilities in their products discovered during PWN2OWN. All allow remote attackers various access such as RCE and DoS.Some patches available.More info. NETGEAR NETGEAR has published 7 new bulletins f...
Monthly Patches are out for Google Pixel. New Alerts for Cisco, Eaton, Dell, HPE, Veeam, and Linux. Cisco Cisco has published 15 new bulletins, 1 rated Critical, 2 rated High, and the rest Medium. Highest CVSSv3 score of 10More info.A vulnerability in the web-based management interface of Unified Industrial Wireless Software for Ultra-Reliabl...
New Alerts for HPE, Google Chrome, Hitachi, Dell, curl, HCL, and Linux. HPE HPE Aruba Networking has released updates for Access Points running Instant AOS-8 and AOS-10. Highest CVSSv3 score of 9.8More info. Google Chrome has been updated to fix 2 security vulnerabilities.More info. Hitachi Hitachi has published updates for Cosmin...
Monthly Patches are out for Google Android and Samsung Android. New Alerts for BD, QNAP, and Linux. Google Android Monthly Patches are out with 21 vulnerabilities, all rated High, plus updates for Imagination Technologies, Mediatek, and Qualcomm patches.More info. Samsung Samsung Monthly Patches include 12 vulnerabilities, 5 rated High ...
Monthly Patches are out for Qualcomm and Mediatek. New Alerts for Broadcom, Moxa, Dell, NetApp, and Linux. Qualcomm Monthly Patches are out for Qualcomm, with 10 vulnerabilities, 1 rated Critical, 7 rated High, and 2 rated Medium. Highest CVSSv3 score of 8.2More info. Mediatek Mediatek's Monthly Patches include 11 CVEs, 2 rated High and...
New Alerts for Ricoh, Microsoft Edge, Digi, Moxa, IBM, Splunk, and Linux. Ricoh Ricoh has identified a buffer overflow vulnerability when using the Web Image Monitor that could potentially allow a DoS or RCE. CVSSv3 score of 9.8More info. Microsoft Microsoft has updated Edge with the latest chromium updates.More info. Digi Web ser...
New Alerts for D-Link, HP, Draytek, Bosch, Tenable, Splunk, and Linux. D-Link The D-Link DSL6740C modem is configured with default and predictable administrator credentials that compromise the security of the device. These credentials allow unauthorized remote access to the modem's control panel, posing a significant security risk. CVSSv3 sco...
New Alerts for Google Chrome, Hitachi Energy, Apple, QNAP, GE Vernova, Delta Electronics, and Linux. Google Chrome for Desktop has been updated to fix 2 security vulnerabilties.More info. Hitachi Energy Hitachi Energy has published updates for UNEM, FOXMAN-UM, and MicroScada Pro/X SYS600.. Highest CVSSv3 score of 10More info. Apple ...
New Alerts for Apple, Hitachi Energy, HPE, Mozilla, QNAP, and CyberPanel (Exploit). Apple Apple has published udates for macOS, iPadOS, iOS, visionOS, tvOS, and watchOS.More info. And here. Hitachi Energy There are public reports of vulnerabilities in the Hitachi Energy's MSM that could allow a remote attacker to impact the confidential...
By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/