// //
New Vulnerabilities Thursday 26 May
michele654
Vulnerabilities
New Alerts for Dell, QNAP, NetApp, and Linux. Dell  Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this High.More info. QNAP  A CSRF vulnerability has been reported to affect QNAP NAS running Proxy Server. This vulnerability ...
New Vulnerabilities Wednesday 25 May
michele654
Vulnerabilities
New Alerts for Google Chrome, HPE, and Linux. Google  Google has updated Chrome for Desktop to fix 32 security vulnerabilities, including at least 1 rated Critical.More info.Microsoft is aware and working. More info. HPE  A potential security vulnerability in the Oracle Java SE may impact HPE IceWall products. The vulnerability could be e...
New Vulnerabilities Tuesday 24 May
michele654
Vulnerabilities
New Alerts for Dell, Zyxel, and Linux. Dell  Dell has updated VxRail to fix multiple vulnerabilities in third-party software included in the product. Dell rates this Critical.More info. And here.Dell PowerEdge Server has been updated for several vulnerabilities in AMD server. Dell rates this High.More info. Zyxel  Zyxel has published a se...
New Vulnerabilities Monday 23 May
michele654
Vulnerabilities
New Alerts for Mozilla (Pwn2Own), IBM, Flexera, and Linux. Mozilla  Mozilla has published a security update for Firefox, Firefox for Android, and Firefox ESR to fix vulnerabilities identified in Pwn2Own. This is rated Critical.More info. IBM  Vulnerabilities in curl and Python affect IBM Cloud Private. CVSSv3 score of 9.1More info. And he...
New Vulnerabilities Friday 20 May
michele654
Vulnerabilities
New Alerts for IBM, Dell, F5, NetApp, and Linux. IBM  WebSphere Application Server used by Rational Asset Analyzer is vulnerable to several security issues. Highest CVSSv3 score of 10More info. And here. Dell  Dell EMC Elastic Cloud Storage contains remediation for multiple security vulnerabilities that may be exploited by remote attacker...
New Vulnerabilities Thursday 19 May
michele654
Vulnerabilities
New Alerts for VMware, OPC Foundation, Apple, Dell, F5, ISC, and Linux. VMware  VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authen...
New Vulnerabilities Wednesday 18 May
michele654
Vulnerabilities
New Alerts for Aruba, IBM, and Linux. Aruba  Several Aruba products use the Expat XML processing library, which contains several vulnerabilities. Highest CVSSv3 score of 9.8More info. And HPE's bulletin is here. IBM  IBM Spectrum Protect Plus is affected by a Mozilla NSS vulnerability. CVSSv3 score of 9.8.More info.IBM MQ Operator and MQ ...
New Vulnerabilities Tuesday 17 May
michele654
Vulnerabilities
New Alerts for Apple, Mitsubishi Electric, VMware, and Linux. Apple  Apple has patched Safari, tvOS, iOS, iPadOS, watchOS, Xcode, macOS Catalina, Big Sur, and Monterey. Several vulnerabilities allow arbitrary code execution.More info. And here. Mitsubishi Electric  Multiple DoS vulnerabilities exist in MELSEC iQ-F series CPU module. These...
New Vulnerabilities Monday 16 May
michele654
Vulnerabilities
New Alerts for SonicWall, Microsoft Edge, NetApp, and Linux. SonicWall  SonicWall SSLVPN SMA1000 series appliances are affected by multiple vulnerabilities, including an unauthenticated access control bypass, and a shared and hard-coded encryption key. Highest CVSSv3 score of 8.2.More info. Microsoft  Microsoft has updated chromium-based ...
New Vulnerabilities Friday 13 May
michele654
Vulnerabilities
New Alerts for Cambium Networks, InHand Networks, IBM, Apache Tomcat, Zyxel, and Linux. Cambium Networks  Cambium Networks cnMaestro contains multiple vulnerabilities, including OS Command Injection, SQL Injection, Path Traversal, and Use of Potentially Dangerous Function, Successful exploitation of these vulnerabilities could allow a remote a...
New Vulnerabilities Thursday 12 May
michele654
Vulnerabilities
Monthly Patches are out for Palo Alto Networks. New Alerts for Mitsubishi Electric, Dell, Xerox, and Linux. Palo Alto Networks  Monthly Patches are out for Palo Alto Networks, with 4 bulletins, 1 rated High and 3 rated Medium. Highest CVSSv3 score of 7.2More info. Mitsubishi Electric  MELSOFT iQ AppPortal is affected by vulnerabilities in...
New Vulnerabilities Wednesday 11 May
michele654
Vulnerabilities
Monthly Patches are out for Microsoft and Adobe. New Alerts for Adminer, Google (Chrome for Desktop), TIBCO, Phoenix Contact, Mitsubishi Electric, curl, and Linux. Microsoft  Microsoft Monthly Patches are out, with 75 vulnerabilities. Of these, 8 are Critical, 3 were previously disclosed, and one is already being exploited. Highest CVSSv3 scor...
New Vulnerabilities Tuesday 10 May
michele654
Vulnerabilities
Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Check Point (ZoneAlarm), Google (Chrome for Android and ChromeOS), Tenable, and Linux.           Patches for Microsoft and Adobe are expected this afternoon. Check Point  Check Point has updated ZoneAlarm Extreme Security to fix a sec...
New Vulnerabilities Monday 09 May
michele654
Vulnerabilities
New Alerts for Fujitsu, Rockwell Automation, IBM, and Linux. Fujitsu  The operation management interface of FUJITSU Network IPCOM provided by FUJITSU LIMITED contains multiple vulnerabilities. A remote attacker may execute arbitrary commands, obtain and/or alter sensitive information, or cause a DoS. CVSSv3 score of 9.8More info. Rockwell Auto...
CND Code Club Sponsors
Kelsey Chalmers
Technical
CND are proud sponsors of the Isle of Man Code Club Teams that headed to the CyberCenturion National Finals this year! IoM Code Club sent two teams into the top 15 spots in the competition; they scored some of the best scores out of 400 teams. The teams, CyberAces and The Toast Mine of Cookies, competed in the U.K. in April. CyberCenturion is a Cyb...
New Vulnerabilities Friday 06 May
michele654
Vulnerabilities
New Alerts for QNAP, IBM, Sophos, and NetApp. QNAP  A vulnerability has been reported to affect QNAP VS Series NVR running QVR. If exploited, this vulnerability allows remote attackers to run arbitrary commands. QNAP rates this Critical.More info.A vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vul...

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Find Out More

© Computer Network Defence Limited 2022