Skip to main content

CND News and Blog

New Vulnerabilities Friday 06 December

Monthly Patches are out for Google Pixel. New Alerts for Microsoft Edge, Planet Technology, Tenable, NetApp, and Dell. Microsoft  Microsoft has updated Edge with the latest chromium updates and 1 Edge-specific fix.More info. Google  Monthly Patches for Pixel are out, with 14 vulnerabilities, 2 rated Critical, 4 rated High, and 8 rated Mod...

0
  54 Hits
  0 Comments

New Vulnerabilities Thursday 05 December

New Alerts for Django, IBM, and Linux. Django  Django has published an update with fixes for 2 security vulnerabilities.More info. IBM  IBM has published a Critical security bulletin for Sterling Secure Proxy. CVSSv3 score of 9.1More info. Linux  Alpine Linux has released 3.21.0. More info. Security Wizardry Cyber Threat Intelligence...

0
  51 Hits
  0 Comments

New Vulnerabilities Wednesday 04 December

New Alerts for Google Chrome, Moxa, IBM, Dell, Ruijie, and Linux. Google  Google has updated Chrome for Desktop with 4 security fixes.More info. Moxa  Moxa MDS-G4028-L3 and EDS-G512E series are affected by vulnerabilities that could allow unauthorized access. The EDS-G512E series is impacted by a weak SSL/TLS key exchange. Highest CVSSv3 ...

0
  55 Hits
  0 Comments

New Vulnerabilities Tuesday 03 December

Monthly Patches are out for Google Android and Samsung. New Alerts for Zyxel, ASUS, F5, WAGO, and Linux. Google  Android Monthly Patches are out with 6 vulnerabilities, all rated High, plus patches for Imagination Technologies, MediaTek, and Qualcomm.More info. Samsung  Monthly Patches are out with 8 vulnerabilities, plus Android patches....

0
  63 Hits
  0 Comments

New Vulnerabilities Monday 02 December

Monthly Patches are out for Qualcomm, MediaTek, and Samsung Semiconductor. New Alerts for Acronis and Linux. Qualcomm  Qualcomm Monthly Patches are out with 7 vulnerabilities, all rated High, plus open source software patches. Highest CVSSv3 score of 8.4More info. MediaTek  Monthly Patches are out with 15 vulnerabilities, 1 rated High and...

0
  86 Hits
  0 Comments

New Vulnerabilities Friday 29 November

New Alerts for IBM, B&R Automation, Squid, Jenkins, NetApp, GE Vernova, and Linux. IBM  IBM has published a Critical security bulletin for Security Verify Access Appliance.More info. B&R Automation  An authentication bypass vulnerability exists in several mapp components. CVSSv4 score of 8.4More info. Squid  Squid is vulnerab...

0
  91 Hits
  0 Comments

New Vulnerabilities Thursday 28 November

New Alerts for IBM, GitLab, and Linux. IBM  IBM has published Critical security bulletins for Cloud Pak for Network Automation, Maximo Predict, and Analytics Content Hub.More info. GitLab  GitLab has put out an update for 6 security vulnerabities, 1 rated High and 5 rated Medium.More info. Linux  SUSE has updated the kernel. More inf...

0
  86 Hits
  0 Comments

New Vulnerabilities Wednesday 27 November

New Alerts for HPE, F5, and Synology. HPE  A security vulnerability in HPE IceWall products could be exploited remotely to cause Unauthorized Data Modification. This vulnerability could allow a user to repeatedly fail a password attempt more than the specified number of times. CVSSv3 score of 3.7More info. F5  Vulnerabilities in Qt affect...

0
  84 Hits
  0 Comments

New Vulnerabilities Tuesday 26 November

New Alerts for HPE, F5, Mozilla, Sprecher Automation, Hitachi Energy, IBM, and Linux. HPE  Security vulnerabilities have been identified in HPE AutoPass License Server (APLS) that could allow a remote attacker to disclose information, bypass authentication, and execute remote code. Highest CVSSv3 score of 8.0More info. F5  F5 has publishe...

0
  102 Hits
  0 Comments

New Vulnerabilities Monday 25 November

New Alerts for Siemens, Trellix, Moxa, IBM, and Linux. Siemens  RUGGEDCOM APE1808 uses Palo Alto Networks PAN-OS. Highest CVSSv4 score of 9.3No patches yet.More info. Trellix  Enterprise Security Manager has been updated to resolve several security vulnerabilities.More info. Moxa  Multiple Moxa Ethernet switches are affected by the s...

0
  103 Hits
  0 Comments

New Vulnerabilities Friday 22 November

New Alerts for Microsoft Edge, BD, Automated Logic, QNAP, mySCADA, NetApp, and Linux.  Microsoft  Microsoft has updated Edge with the latest chromium updates and one Edge-specific fix.More info. BD  BD has implemented October patches from Microsoft into IDM, Pyxis, Data Agent, CCE, and Alaris.More info. Automated Logic  WebCTRL ...

0
  104 Hits
  0 Comments

New Vulnerabilities Thursday 21 November

New Alerts for Wireshark, PHP, IBM, and Linux. Wireshark  Two DoS vulnerabilities have been patched in Wireshark.More info. PHP  Several security vulnerabilities have been fixed in the latest versions of PHP.More info. IBM  Critical bulletins have been published for QRadar SIEM, Robotic Process Automation, Planning Analytics Workspac...

0
  97 Hits
  0 Comments

New Vulnerabilities Wednesday 20 November

Monthly Patches are out for Atlassian. New Alerts for Google Chrome, Apple (Exploit), Spring, M-Files, Dell, and Linux. Google  Google has updated Chrome for Desktop to fix 3 security vulnerabilities.More info. Atlassian  Monthly Patches include fixes for Bamboo, Bitbucket, Confluence, Crowd, Jira, Jira Service Management, Sourcetree for ...

0
  116 Hits
  0 Comments

New Vulnerabilities Tuesday 19 November

New Alerts for Palo Alto Networks (fix for Exploit), Oracle, Mitsubishi Electric, Synology, Westermo, and Linux. Palo Alto Networks  Palo Alto Networks has patched a previously reported and exploited unauthenticated RCE vulnerability. CVSSv4 score of 9.3More info. Oracle  Agile Product Lifecycle Management contains a vulnerability that al...

0
  126 Hits
  0 Comments

New Vulnerabilities Monday 18 November

New Alerts for Veritas, Palo Alto Networks (Exploit), Dell, HPE, and Citrix (Exploit). Veritas  Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP ports can be exploited due to vulnerabilities that are inherent to the .NET Remoting service...

0
  126 Hits
  0 Comments

New Vulnerabilities Friday 15 November

New Alerts for Blackberry, Baxter, Microsoft Edge, Spring, NetApp, IBM, and Linux. Blackberry  Multiple vulnerabilities in SecuSUITE Server could allow a remote attacker to enroll an attacker-controlled device to the victim's account and telephone number or inject script commands or other executable content into the server that would run with ...

0
  109 Hits
  0 Comments

New Vulnerabilities Thursday 14 November

Monthly Patches are out for Palo Alto Networks. New Alerts for Apache Traffic Server, Siemens, Dell, Mozilla, GitLab, and Linux. Palo Alto Networks  Monthly Patches are out with 9 bulletins, 1 rated High, 4 rated Medium, and 4 rated Low. Several bulletins address DoS vulnerabilities in the firewall. Highest CVSSv3 score of 8.6More info. Apache...

0
  119 Hits
  0 Comments

New Vulnerabilities Wednesday 13 November

Monthly Patches are out for Microsoft (Exploit), Adobe, and Fortinet. New Alerts for Ivanti, Google Chrome, Westermo, Rockwell Automation, HPE, Broadcom, and Linux. Microsoft Exploit Monthly Patches are out with 83 vulnerabilities, 3 rated Critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Highest...

0
  134 Hits
  0 Comments

New Vulnerabilities Tuesday 12 November

Monthly Patches are out for Schneider Electric, Siemens, and SAP. New Alerts for HPE, Citrix, Zoom, and Linux. Monthly Patches for Microsoft and Adobe are expected this afternoon, and Palo Alto expected tomorrow. Schneider Electric  Monthly Patches include 4 new bulletins, all remotely exploitable without authentication, and 2 updated bulletin...

0
  123 Hits
  0 Comments

New Vulnerabilities Monday 11 November

New Alerts for Dell, GE HealthCare, Extreme Networks, and Linux.  Dell  Dell has published Critical updates for NetWorker, APEX Cloud Platform, Metro node, and VxRail.More info. GE HealthCare  A limited number of GE HealthCare products are impacted by vulnerabilities in Mirth Connect from 2023. CVSSv3 score of 9.8More info. Extreme N...

0
  118 Hits
  0 Comments

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/