CND News and Blog

New Alerts for HP, Dell, IBM, and Linux. HP HP Security Manager is vulnerable to Remote Code Execution due to the use of Microsoft OLE Database library and Microsoft's SQL Server. CVSSv4 score of 8.6More info. Dell Dell has published a Critical bulletin for Networker Runtime Environment.More info. IBM IBM has published Critical bulletins for Global...

Happy Friday! New Alerts for Microsoft Edge, NetApp, IBM, and Linux. Microsoft Microsoft has updated Edge to include the latest chromium fixes.More info. NetApp NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.1More info. IBM IBM has published Critical bu...

New Alerts for Apple (Exploit), Mitsubishi Electric, and BD. Apple Apple has published security bulletins for iOS, iPadOS, and macOS to fix a single CVE. Apple is aware of a report that this has been exploited in an extremely sophisticated attack against specific targeted individuals.More info. Mitsubishi Electric A DoS vulnerability exists in...

Monthly Patches are out for Atlassian. New Alerts for Google Chrome and ChromeOS, Arcserve, Citrix, Fortra, Commvault, and Linux. Google Google has updated Chrome for Desktop to fix 1 security vulnerability.More info.Microsoft is aware. More info.ChromeOS has been updated to fix browser and 3rd party software vulnerabilities. More info. Arcserve Se...

New Alerts for Mozilla, Wiesemann & Theis, BD, Dell, IBM, and Linux. Mozilla Mozilla has published 9 new bulletins rated High identifying vulnerabilities in Thunderbird, Focus, Firefox, and Firefox ESR.More info. Wiesemann & Theis Motherbox 3 allows a remote attacker read-only access to the internal DB with measurement values from...

New Alerts for Microsoft Edge, HPE, Progress, NetApp, Dell, IBM, and Linux. Microsoft Microsoft has updated Edge with the latest chromium fixes.More info. HPE A security vulnerability has been identified in HPE Online Double Conversion UPS systems using the 1G Management Module. The vulnerability could allow a remote attacker to achieve unauthorize...

New Alerts for Cisco, Rockwell Automation, Bosch, Siemens, Xerox, Softing, and Linux. Cisco Cisco has published 21 new bulletins, 1 rated Critical, 11 rated High, 9 rated Medium. Highest CVSSv3 score of 10.More info. Rockwell Automation Rockwell Automation has published 8 new bulletins addressing vulnerabilities in FactoryTalk, Flex 5000 I/O, ...

Monthly Patches are out for Palo Alto Networks. Quarterly Patches are out for F5. New Alerts for Checkpoint, ABB, Zoom, Spring, and Linux. Palo Alto Networks Palo Alto Monthly Patches include 6 bulletins. Highest CVSSv3 score of 6.1.More info. F5 F5 Quarterly Patches include 4 bulletins for BIG-IP and Access for Android. Highest CVSSv4 score o...

Monthly Patches are out for Microsoft, Adobe, Fortinet, and Ivanti. New Alerts for Google Chrome, HTTP/2, and Linux. Microsoft Microsoft Monthly Patches include 111 vulnerabilities, 11 rated Critical, 1 publicly disclosed. Highest CVSSv3 score of 10 for the previously disclosed Azure vulnerability.More info. And here. Adobe Monthly Patches are out ...

Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for IBM and Linux. We expect monthly patches for at least 4 more vendors this afternoon and tomorrow. Siemens Siemens Monthly Patches include 45 bulletins, 22 new and 23 updated. Of the new bulletins, highest CVSSv3 score of 9.8More info. Schneider Electric Schneider ...

New Alerts for BaiCells (Exploit), HPE, Xerox, NetApp, AMD, IBM, and Linux. BaiCells Exploit Baicells Atom R9 Cat4 Gen2 CPEs contained a hardcoded administrator account. This has been exploited.More info. HPE Several vulnerabilities have been identified within the HPE Private Cloud AI. Highest CVSSv3 score of 9.8More info. Xerox Security fixes have...

New Alerts for Microsoft Edge, Microsoft Azure, EG4 Electronics, Packet Power, Burk Technology, F5, IBM, and Linux. Microsoft Microsoft has updated Edge with the latest chromium fixes.More info.Microsoft has updated Azure with 2 fixes for vulnerabilities. No customer action is required. Highest CVSSv3 score of 10.More info. And here. EG4 Elect...

New Alerts for Splunk, Ubiquiti, Tenable, IBM, and Linux. Splunk Splunk has published 2 bulletins for third-party software included in their products, 1 rated Critical and 1 rated High. More info. Ubiquiti Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a remote attacker to achieve Command Injection. Hi...

Google Monthly Patches are out for Pixel. New Alerts for Google Chrome for Desktop, Trend Micro, Adobe, Tigo Energy, CODESYS, IBM, and Linux. Google Google Monthly Patches for Pixel include 1 fixed vulnerability rated Critical and 2 rated High, plus Android updates.More info.Google has updated Chrome for Desktop to fix 12 security vulnerabilities.M...

Monthly Patches are out for Google Android and Samsung. New Alerts for SICK, Hitachi, and Linux. Google Google Monthly Patches for Android include 3 fixed vulnerabilities, 1 rated Critical and 2 rated High, plus Arm and Qualcomm updates.More info. Samsung Samsung Monthly Patches for Android include 18 Samsung vulnerabilities, plus Android and Samsu...

Monthly Patches are out for Qualcomm. New Alerts for NVIDIA, HPE, CODESYS, HashiCorp, IBM, and Linux. Qualcomm Qualcomm monthly patches include 16 bulletins, 1 rated Critical, 13 rated High, and 2 rated Moderate, plus some OSS fixes. Highest CVSSv3 score of 7.8More info. NVIDIA NVIDIA has released a software update for Triton Inference Server with ...

New Alerts for Microsoft Edge, Güralp Systems, NetApp, IBM, and Dell. Microsoft Microsoft has updated Edge with the latest chromium fixes.More info. Guralp Systems Güralp FMUS Series Seismic Monitoring Devices are missing authentication and could allow a remote attacker to modify hardware configurations, manipulate data, or factory reset the device...

New Alerts for Apple, Splunk, IBM, and Linux. Apple Apple released security updates for Safari.More info. Splunk Splunk has published 3 new bulletins identifying vulnerabilities in third-party software included in their products, 2 rated Critical and 1 rated High.More info. IBM IBM has published Critical bulletins for Control Desk, Instana Observab...

New Alerts for Apple, Google Chrome, IBM, SonicWall, Samsung, Tenable, and Linux. Apple Apple released security updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS that patch a total of 89 different vulnerabilities.More info. And here. Google Google has updated Chrome for Desktop to fix 4 security vulnerabilities.More info.Microsoft is awar...

New Alerts for Progress, Broadcom Tanzu, Python, and Linux. Progress Progress has published 3 new bulletins for DataDirect Hybrid Data Pipeline, all rated Critical.More info. Broadcom Broadcom has published 19 security bulletins for Tanzu, 14 rated Critical, 4 rated High, and 1 rated Medium.More info. Python A vulnerability in CPython could result ...