This Saturday after the second Tuesday we have a large slate of disclosures to look at. For Part 1, we have 24 vendor disclosures from Auma, Fujitsu, HP (7), HPE (6), Keysight Technologies, Palo Alto Networks (2), PcVue, Schneider (4), and Sick.
Auma Advisory - CERT-VDE published an advisory that
discusses 73 vulnerabilities in the Auma SIMA Master Station.
Fujitsu Advisory - Fujitsu published an
advisory that discusses three vulnerabilities in a number of Fujitsu
products.
HP Advisory #1 - HP published an
advisory that discusses 14 vulnerabilities in a wide variety of their PCs,
notebooks and workstations.
HP Advisory #2 - HP published an advisory
that discusses an improper restriction of XML external entity reference
vulnerability in a wide variety of their PCs, notebooks and workstations.
HP Advisory #3 - HP published an
advisory that discusses an improper restriction of XML external entity reference
vulnerability (with a known exploit) in a wide variety of their PCs, notebooks
and workstations.
HP Advisory #4 - HP published an
advisory that discusses four vulnerabilities in a wide variety of their PCs,
notebooks and workstations.
HP Advisory #5 - HP published an
advisory that discusses three vulnerabilities in a wide variety of their
PCs, notebooks and workstations.
HP Advisory #6 - HP published an
advisory that discusses four vulnerabilities in a wide variety of their PCs,
notebooks and workstations.
HP Advisory #7 - HP published an
advisory that discusses an information disclosure vulnerability in a wide
variety of their PCs, notebooks and workstations.
HPE Advisory #1 - HPE published an
advisory that discusses a privilege escalation vulnerability in their HPE
ProLiant DL Servers.
HPE Advisory #2 - HPE published an
advisory that discusses an information disclosure vulnerability in their ProLiant
DL/ML Servers.
HPE Advisory #3 - HPE published an
advisory that discusses an information disclosure vulnerability in their ProLiant
DX Servers.
HPE Advisory #4 - HPE published an
advisory that discusses a privilege escalation vulnerability in their Synergy
Servers.
HPE Advisory #5 - HPE published an
advisory that discusses an information disclosure vulnerability in their Synergy
Servers.
HPE Advisory #6 - HPE published an
advisory that discusses a privilege escalation vulnerability in their ProLiant DX
Servers.
Keysight Advisory - INCIBE-CERT published an
advisory that describes two vulnerabilities in the Keysight Sensor
Management Server.
Palo Alto Networks Advisory #1 - Palo Alto Networks
published an advisory that describes reduced effectiveness of their Cortex XDR Agent
anti-ransomware endpoint protection module.
Palo Alto Networks Advisory #2 - Palo Alto Networks
published an advisory that describes a reflected amplification DoS
vulnerability in their PAN-OS.
PcVue Advisory - PcVue published an
advisory that describes a clear-text storage of sensitive information vulnerability in
their PcVue OAuth web service.
Schneider Advisory #1 - Schneider published an
advisory that describes a weak password recovery vulnerability in their EcoStruxure™
Control Expert, EcoStruxure™ Process Expert, Modicon M580 and M340 products.
Schneider Advisory #2 - Schneider published an
advisory that describes an integer underflow vulnerability in their Modicon
PAC Controllers.
Schneider Advisory #3 - Schneider published an advisory that describes an
improper restriction of operations within the bounds of a memory buffer.
Schneider Advisory #4 - Schneider published an
advisory that describes an information disclosure vulnerability in their Modicon
PAC Controllers.
Sick Advisory - Sick published an advisory that discusses
an infinite loop vulnerability in their SIM products. This is a third-party (OpenSSL) vulnerability.