Skip to main content

CND News and Blog

New Vulnerabilities Tuesday 29 August
michele654
Vulnerabilities
New Alerts for VirusTotal YARA, SICK, Hitachi Energy, ClamAV, IBM, Mozilla, and Linux. VirusTotal  A buffer overflow vulnerability in VirusTotal YARA allows a remote attacker to create a malicious ruleset that will execute arbtirary code. CVSSv3 score of 9.8Don't use unknown rulesets.More info. SICK  Multiple vulnerabilities exist in the ...
New Vulnerabilities Monday 28 August
michele654
Vulnerabilities
New Alerts for IBM, NetApp, Google ChromeOS, and Apache Tomcat. IBM  IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from systemd, libcap, openssl-libs, libxml2, go-toolset, and prometheus-operator. Highest CVSSv3 score of 9.8More info. NetApp  NetApp has published 2 new bulletins identifying ...
New Vulnerabilities Friday 25 August
michele654
Vulnerabilities
New Alerts for Opto 22, KNX, D-Link, IBM, NetApp, and Linux. Opto 22  SNAP PAC S1 contains several vulnerabilities that could allow a remote attacker to brute force passwords, access certain device files, or cause a DoS. Highest CVSSv3 score of 7.5No patch, secure your network.More info. KNX  KNX devices that use KNX Connection Authorizat...
New Vulnerabilities Thursday 24 August
michele654
Vulnerabilities
New Alerts for Moxa, Sprecher Automation, Rockwell Automation, WithSecure, Wireshark, and Linux. Moxa  ioLogik 4000 Series is affected by multiple web server vulnerabilities and an improper access control vulnerability. Highest CVSSv3 score of 5.3More info. Sprecher Automation  A vulnerability in Wibu Systems CodeMeter User Runtime Softwa...
New Vulnerabilities Wednesday 23 August
michele654
Vulnerabilities
New Alerts for Google Chrome, Ormazabal, Aruba, DrayTek, Mitel, and Linux. Google  Five security vulnerabilities have been fixed in Google Chrome, the most severe of which could allow for arbitrary code execution.More info. Ormazabal  Ten vulnerabilities have been identified in Ormazabal's ekorCCP and ekorRCI industrial devices. Highest C...
New Vulnerabilities Tuesday 22 August
michele654
Vulnerabilities
New Alert for Microsoft Edge. Microsoft  Microsoft has updated Edge with the latest chromium updates and an Edge-specific vulnerability fix. CVSSv3 score of 6.5 for the Edge vulnerability.More info. Security Wizardry Cyber Threat Intelligence - The Radar Page https://radar.securitywizardry.com/ Security Wizardry Cyber Threat Intelligence - The...
New Vulnerabilities Monday 21 August
michele654
Vulnerabilities
New Alerts for Rockwell Automation, Ivanti (Exploit), and Linux. Rockwell Automation  ThinManager contains 3 vulnerabilities that could allow a remote attacker to cause a DoS or delete arbitrary files. Highest CVSSv3 score of 9.8More info. Ivanti Exploit A vulnerability has been discovered in Ivanti Sentry that allows a remote attacker to acce...
New Vulnerabilities Friday 18 August
michele654
Vulnerabilities
New Alerts for Walchem, Microsoft Edge, Juniper, Ubiquiti, Supermicro (Exploit), CODESYS, HPE, NetApp, and Linux. Walchem  Walchem Intuition 9 firmware is missing authentication for some of the API routes of the management web server, allowing a remote attacker to download and export sensitive data. CVSSv3 score of 7.5More info. Microsoft ...
New Vulnerabilities Thursday 17 August
michele654
Vulnerabilities
New Alerts for Cisco, ClamAV, Mitsubishi Electric, Moxa, Atlassian, IBM, and Synology. Cisco  Cisco has published 17 new bulletins, 5 rated High and 12 rated Medium. Highest CVSSv3 score of 8.1More info.Secure Endpoint products are affected by a ClamAV vulnerability allowing a DoS. CVSSv3 score of 7.5 More info. And here. ClamAV  ClamAV h...
New Vulnerabilities Wednesday 16 August
michele654
Vulnerabilities
New Alerts for Google Chrome, BD, Meinberg, and Linux. Google  Google has published an update for Chrome for Desktop that includes 26 security fixes.More info.Microsoft is aware. More info. BD  BD has published security patches for Pyxis, Data Agent, CCE, Alaris, and IDM.More info. Meinberg  LANTIME firmware has been updated to inclu...
New Vulnerabilities Tuesday 15 August
michele654
Vulnerabilities
New Alerts for Zyxel, NetApp, and Linux. Zyxel  Zyxel has released updates for several switches to fix a DoS vulnerability.More info. NetApp  NetApp has published 9 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8. No patches yet.More info. Linux  SUSE has updat...
New Vulnerabilities Monday 14 August
michele654
Vulnerabilities
New Alert for Linux. Linux  SUSE has updated the kernel and kernel firmware. More info.OpenSUSE has updated the kernel and kernel firmware. More info.Debian has updated the kernel and microcode. More info.Ubuntu has updated the kernel and microcode. More info. Security Wizardry Cyber Threat Intelligence - The Radar Page https://radar.securityw...
New Vulnerabilities Friday 11 August
michele654
Vulnerabilities
New Alert for Belden. Happy Friday! Belden  Hirschmann Wireless OWL contains a vulnerability in zlib. CVSSv3 score of 9.8More info. Security Wizardry Cyber Threat Intelligence - The Radar Page https://radar.securitywizardry.com/ Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page A mobile version of our Security Wizardry Radar ...
New Vulnerabilities Thursday 10 August
michele654
Vulnerabilities
New Alerts for Xerox, Dell, Softing (0-Day), and Linux. Xerox  Xerox has updated FreeFlow Print Server with the latest 3rd-party software updates. Highest CVSSv3 score of 9.8More info. And here. Dell  Security Update for Dell ESI (Enterprise Storage Integrator) for SAP LAMA multiple security vulnerabilities. Dell rates this Critical.More ...
New Vulnerabilities Wednesday 09 August
michele654
Vulnerabilities
Monthly Patches are out for Microsoft and Adobe. New Alerts for Rockwell Automation, IBM, Dell, Hitachi, and Linux. Microsoft Exploit Microsoft Monthly Patches are out, with patches for 88 vulnerabilities, 6 are Critical, and 2 are being exploited. Highest CVSSv3 score of 9.8More info. And here. And here. Adobe  Adobe Monthly Patches include p...
New Vulnerabilities Tuesday 08 August
michele654
Vulnerabilities
Monthly Patches are out for Google Android, Google Pixel, Samsung, Siemens, Schneider Electric, and SAP. New Alerts for Microsoft Edge, Zoom, Phoenix Contact, and Linux.           Microsoft and Adobe Monthly Patches are expected this afternoon. Google  Google Android Monthly Patches are out, with 37 addressed vuln...

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/