Saturday, May 17, 2025

Review – Public ICS Disclosures – Week of 5-10-25 – Part 1

This week was a relatively busy Cyber Reporting Week. For Part 1 we have 23 vendor disclosures from Broadcom, Dassault Systems (2), FortiGuard (4), Hitachi (7), HP (3), and HPE (6).

Advisories

Broadcom Advisory - Broadcom published an advisory that discusses an exposure of sensitive information vulnerability (with publicly available exploit) in multiple Brocade products.

Dassault Systems Advisory #1 - Dassault Systems published an advisory that describes a use after free vulnerability in their SOLIDWORKS eDrawings product.

Dassault Systems Advisory #2 - Dassault Systems published an advisory that describes an out-of-bounds write vulnerability in their SOLIDWORKS eDrawings product.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes a buffer over-read vulnerability in their FortiOS product.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes an integer overflow or wraparound vulnerability in their FortiOS product.

FortiGuard Advisory #3 - FortiGuard published an advisory that describes a missing authentication for critical function vulnerability in multiple FortiGuard products.

FortiGuard Advisory #4 - FortiGuard published an advisory that describes a missing authorization vulnerability in their FortiManager products.

Hitachi Advisory #1 - Hitachi published an advisory that discusses 43 vulnerabilities in their JP1/IT Desktop Management 2 product.

Hitachi Advisory #2 - Hitachi published an advisory that discusses two vulnerabilities in their JP1/IT Desktop Management 2 product.

Hitachi Advisory #3 - Hitachi published an advisory that discusses 12 vulnerabilities (two with publicly available exploits) in multiple Hitachi products.

Hitachi Advisory #4 - Hitachi published an advisory that discusses two improper access control vulnerabilities in their Cosminexus Developer's Kit.

Hitachi Advisory #5 - Hitachi published an advisory that describes four vulnerabilities in multiple Analyzer products.

Hitachi Advisory #6 - Hitachi published an advisory that describes three vulnerabilities in their JP1/IT Desktop Management 2 product.

Hitachi Advisory #7 - Hitachi published an advisory that discusses 20 vulnerabilities in Ops Center Common Services.

HP Advisory #1 - HP published an advisory that discusses an information disclosure vulnerability in multiple HP product lines.

HP Advisory #2 - HP published an advisory that discusses seven vulnerabilities in multiple HP product lines.

HP Advisory #3 - HP published an advisory that discusses eight vulnerabilities in multiple HP product lines.

HPE Advisory #1 - HPE published an advisory that discusses an exposure of sensitive information in shared microarchitectural structures during transient execution vulnerability in their StoreEasy Servers.

HPE Advisory #2 - HPE published an advisory that discusses an exposure of sensitive information in shared microarchitectural structures during transient execution vulnerability in their ProLiant DL/ML, Synergy, and Edgeline Servers.

HPE Advisory #3 - HPE published an advisory that discusses two vulnerabilities in their ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers.

HPE Advisory #4 - HPE published an advisory that discusses two vulnerabilities in their StoreEasy Servers.

HPE Advisory #5 - HPE published an advisory that discusses an exposure of sensitive information vulnerability (with publicly available exploit) in their StoreEasy Servers.

HPE Advisory #6 - HPE published an advisory that discusses an exposure of sensitive information vulnerability (with publicly available exploit) in their ProLiant DL/ML/XL, Alletra, Edgeline and Synergy Servers.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-week-76e - subscription required.
