This week, for Part 1, we have 24 vendor disclosures from ABB, FortiGuard (4), HP, HPE (4), NI (3), and Palo Alto Networks (11).
Advisories
ABB Advisory - ABB
published an
advisory that discusses 42 vulnerabilities in their Arctic communication
solution MtoM gateways.
FortiGuard Advisory #1 - FortiGuard published an advisory that describes
a storing passwords in a recoverable format vulnerability in their FortiOS products.
FortiGuard Advisory #2 - FortiGuard published an advisory that describes
an improper output neutralization for logs vulnerability in their FortiAnalyzer
and FortiManager products.
FortiGuard Advisory #3 - FortiGuard published an advisory that describes
two vulnerabilities in multiple FortiGuard products.
FortiGuard Advisory #4 - FortiGuard published an advisory that describes
an unverified password change vulnerability in their FortiSwitch products.
HP Advisory - HP
published an advisory that discusses an authentication bypass by spoofing vulnerability
in their Business Notebook PCs.
HPE Advisory #1 - HPE published an
advisory that describes two OS command injection vulnerabilities in their Aruba
Networking AOS-8 Instant AP and AOS-10 AP products.
HPE Advisory #2 - HPE published an
advisory that describes four vulnerabilities in their Aruba Networking
AOS-10 and AOS-8 Mobility Conductor, Controllers, and Gateways.
HPE Advisory #3 - HPE published an
advisory that describes an uncontrolled resource consumption vulnerability
in their NonStop OSM Service Connection Suite.
HPE Advisory #4 - HPE published an
advisory that discusses two vulnerabilities in their Cray XD670 Server.
These are third-party vulnerabilities.
NI Advisory # 1 - NI published an
advisory that describes two vulnerabilities in their LabVIEW product.
NI Advisory # 2 - NI published an
advisory that describes an uncontrolled search path vulnerability in their
Lab View product.
NI Advisory #3 - NI published an
advisory that describes an uncontrolled search path vulnerability in their
Lab View product.
Palo Alto Network Advisory #1 - Palo Alto Networks
published an
advisory that describes an execution with unnecessary privileges vulnerability
in their GlobalProtect App.
Palo Alto Network Advisory #2 - Palo Alto Networks
published an
advisory that describes a NULL pointer dereference vulnerability in their Cortex
XDR Agent.
Palo Alto Network Advisory #3 - Palo Alto Networks
has new versions that mitigate the vulnerability.
Palo Alto Network Advisory #4- Palo Alto Networks
published an
advisory that describes a cleartext storage of sensitive information
vulnerability in their PAN-OS products.
Palo Alto Network Advisory #5 - Palo Alto Networks
published an
advisory that describes an external control of file name or path vulnerability
in their PAN-OS products.
Palo Alto Network Advisory #6 - Palo Alto Networks
published an
advisory that describes an improper neutralization of script in attributes
in a web page vulnerability in their PAN-OS products.
Palo Alto Network Advisory #7 - Palo Alto Networks
published an
advisory that describes an session fixation vulnerability in their PAN-OS
products.
Palo Alto Network Advisory #8 - Palo Alto Networks
published an
advisory that describes an OS command injection vulnerability in their PAN-OS
products.
Palo Alto Network Advisory #9 - Palo Alto Networks
published an
advisory that describes an improper check for unusual or exceptional
conditions vulnerability in their PAN-OS.
Palo Alto Network Advisory #10 - Palo Alto Networks
published an
advisory that describes an OS command injection vulnerability in their Cortex
XDR Broker VM.
Palo Alto Network Advisory #11 - Palo Alto Networks published an advisory that discusses seven vulnerabilities (one listed in CISA’s KEV catelog) in their Prisma Access Browser.
Posts
No comments:
Post a Comment