Skip to main content

CND News and Blog

New Vulnerabilities Thursday 28 March

New Alerts for Cisco, Splunk, NVIDIA, Microsoft Edge (Exploit), IBM, DrayTek, Wireshark, and Linux. Cisco  Cisco has published 17 new bulletins, 10 rated High and 7 rated Medium. Highest CVSSv3 score of 8.6More info.A vulnerability in the LISP feature of IOS Software and IOS XE Software could allow a remote attacker to cause an affected device...

0
  17 Hits
  0 Comments

New Vulnerabilities Wednesday 27 March

New Alerts for Google Chrome, AutomationDirect, Hitachi Energy, Dell, HPE, curl, an Linux. Google  Google has updated Chrome for Desktop to fix 7 security vulnerabilities, at least 1 rated Critical.More info.Microsoft is aware. More info. AutomationDirect  C-MORE EA9 HMI contains several vulnerabilities, including Path Traversal, Stack-Ba...

0
  26 Hits
  0 Comments

New Vulnerabilities Tuesday 26 March

New Alerts for Apple, BD, IBM, Kaspersky, Tenable, and Linux. Apple  Apple has published security updates for macOS and Safari, as well as provided details for last week's iOS, iPadOS, and VisionOS bulletins.More info. BD  BD has published security updates to fix third-party software for IDM, Data Agent, Pyxis, CCE, and Alaris.More info. ...

0
  32 Hits
  0 Comments

New Vulnerabilities Monday 25 March

New Alerts for Microsoft Edge, F5, NetApp, and Linux. Microsoft  Microsoft has updated Edge to fix 2 Edge-specific vulnerabilities and include the latest chromium updates.More info. F5  BIG-IP and BIG-IQ contain a vulnerable version of Bind that could result in a DoS. CVSSv3 score of 7.5More info. NetApp  NetApp has published 8 bulle...

0
  38 Hits
  0 Comments

New Vulnerabilities Friday 22 March

New Alerts for Honeywell, Rockwell Automation, Apple, Mozilla, and Linux. Honeywell  XSS / Arbitrary Code Injection vulnerabilities exist in Honeywell MPA2. Highest CVSSv3 score of 8.1More info. Rockwell Automation  A DoS vulnerability exists in the PowerFlex 527 due to improper input validation in the device. If exploited, the web server...

0
  42 Hits
  0 Comments

New Vulnerabilities Thursday 21 March

New Alerts for HP, F5, IBM, Dell, BD, and Linux. HP  HP OfficeJet Pro printers are vulnerable to a DoS when using an improper eSCL URL GET request. CVSSv3 score of 6.5More info. F5  Traffix SDC contains a vulnerability that allows a remote attacker to cause a DoS. CVSSv3 score of 6.5More info. IBM  IBM Spectrum Protect Plus can be af...

0
  44 Hits
  0 Comments

New Vulnerabilities Wednesday 20 March

New Alerts for Franklin Electric Fueling Systems, Google Chrome, Atlassian, Dell, and Linux. Franklin Electric  Franklin Fueling System EVO 550, EVO 5000 contains a Path Traversal vulnerability that could allow a remote attacker to read arbitrary files on the system. Highest CVSSv3 score of 8.7More info. Google  Google has updated Chrome ...

0
  51 Hits
  0 Comments

New Vulnerabilities Tuesday 19 March

New Alerts for IBM, Mozilla, Acronis, Dell, and Linux. IBM  IBM App Connect Enterprise is vulnerable to a remote attacker due to node.js IP package. CVSSv3 score of 9.8More info. Mozilla  Mozilla has published updates for Firefox, Firefox ESR, and Thunderbird, all rated High.More info. Acronis  Acronis Cyber Protect Cloud Agent has b...

0
  48 Hits
  0 Comments

New Vulnerabilities Monday 18 March

New Alerts for IBM, PaperCut, Canon, and Linux. IBM  IBM Cloud Pak for Data Scheduling contains vulnerable third-party software packages. Highest CVSSv3 score of 9.8More info. And here. PaperCut  The Monthly Security Bulletin is out for PaperCut NG/MF. Highest CVSSv3 score of 8.6More info. Canon  A potential buffer overflow vulnerabi...

0
  56 Hits
  0 Comments

New Vulnerabilities Friday 15 March

New Alerts for Juniper, Microsoft Edge, Dell, HPE, NetApp, Mitel, and Linux. Juniper  Multiple vulnerabilities have been resolved in Juniper Secure Analytics. Highest CVSSv3 score of 9.8More info. Microsoft  Microsoft has updated Edge to fix chromium-based vulnerabilities as well as 3 Edge-specific vulnerabilities.More info. Dell  De...

0
  62 Hits
  0 Comments

New Vulnerabilities Thursday 14 March

New Alerts for Cisco, Arcserve, Apache Tomcat, BD, Mitsubishi Electric, IBM, and Linux. Cisco  Cisco has published 7 new security bulletins. Highest CVSSv3 score of 7.8.More info. A vulnerability in theDHCPv4 server feature of IOS XR Software could allow a remote attacker to trigger a crash of the dhcpd process, resulting in a DoS. CVSSv3 scor...

0
  64 Hits
  0 Comments

New Vulnerabilities Wednesday 13 March

Monthly Patches are out for Microsoft, Adobe, and Fortinet. New Alerts for Google Chrome, Bosch, Citrix, Hitachi, IBM, Intel, and Linux. Tomorrow may be Palo Alto Monthly Patches. Microsoft  Microsoft Monthly Patches include 61 vulnerabilities. Two are rated Critical. Highest CVSSv3 score of 9.8More info. And here. Adobe  Adobe Monthly Pa...

0
  67 Hits
  0 Comments

New Vulnerabilities Tuesday 12 March

Monthly Patches are out for Siemens, Schneider Electric, and SAP. New Alerts for Phoenix Contact, Synology, and Linux. Monthly Patches for Microsoft and Adobe are expected this afternoon. Siemens  Siemens Monthly Patches are out, with 11 new bulletins and 11 updated bulletins. Of the new bulletins, highest CVSSv3 score of 10More info.RUGGEDCOM...

0
  64 Hits
  0 Comments

New Vulnerabilities Monday 11 March

New Alerts for Dell, HPE, and Digi. Tomorrow is Patch Tuesday. Dell  Dell NetWorker vProxy remediation is available for multiple security vulnerabilities that could be exploited. Dell rates this Critical.More info. HPE  Vulnerabilities have been identified in HPE Unified OSS Console Assurance Monitoring that could allow a remote attacker ...

0
  64 Hits
  0 Comments

New Vulnerabilities Friday 08 March

New Alerts for Apple (Exploit), Chirp Systems, Microsoft Edge, QNAP, NetApp, and Linux. Apple Exploit Apple has published updates for Safari, macOS, tvOS, watchOS, and visionOS. At least one vulnerability in each of these products is being actively exploited.More info. Chirp Systems  Chirp Access contains a Hard-coded Credentials vulnerability...

0
  86 Hits
  0 Comments

New Vulnerabilities Thursday 07 March

New Alerts for Cisco, Pilz, IBM, Artica, Bosch, and Linux. Cisco  Cisco has published 7 new bulletins, Highest CVSSv3 score of 8.2More info.A vulnerability in the SAML authentication process of Cisco Secure Client could allow a remote attacker to conduct a CRLF injection attack against a user. CVSSv3 score of 8.2More info. Pilz  The PITre...

0
  70 Hits
  0 Comments

New Vulnerabilities Wednesday 06 March

New Alerts for Apple (0-Day), Nice, Sophos, Moxa, Bosch, Google Chrome, HPE Aruba, and Linux. Apple 0-Day Apple has published updates for iOS fixing 4 vulnerabilities that allow privilege escalation, 2 of which have been exploited.More info. And here. Nice  Linear eMerge E3-Series contains multiple vulnerabilities, including OS command injecti...

0
  77 Hits
  0 Comments

New Vulnerabilities Tuesday 05 March

Monthly Patches are out for Google Android, Google Pixel, and Samsung Android. New Alerts for Mozilla, Squid, and Linux. Google  Google Monthly Patches for Android are out, with 13 vulnerabilities with 2 rated Critical and 11 rated High, as well as patches for AMLogic, Arm, MediaTek, and Qualcomm. Highest CVSSv3 score of 9.8More info.Google Mo...

0
  72 Hits
  0 Comments

New Vulnerabilities Monday 04 March

Monthly Patches are out for Qualcomm and MediaTek. New Alerts for Hikvision, Dell, Xerox, and IBM. Qualcomm  Qualcomm Monthly Patches are out, with 16 vulnerabilities, 2 rated Critical, 12 rated High, and 2 rated Medium. Highest CVSSv3 score of 9.8More info. MediaTek  MediaTek Monthly Patches include 21 vulnerabilities, 12 rated High and ...

0
  74 Hits
  0 Comments

New Vulnerabilities Friday 01 March

New Alerts for SolarWinds, Microsoft Edge, NetApp, Ivanti, and Linux. SolarWinds  SolarWinds has updated Security Event Manager (SEM) to fix vulnerabilities in third-party software as well as one vulnerability in SEM. Highest CVSSv3 score of 9.8More info. Microsoft  Microsoft has updated Edge with the latest chromium patches and one patch...

0
  74 Hits
  0 Comments

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/