Saturday, September 27, 2025

Review – Public ICS Disclosures – Week of 9-20-25

This week we have nine vendor disclosures from Delta Electronics, Honeywell, HP (3), HPE, Philips, Rockwell, and WAGO. There are also three vendor updates from HPE, WAGO, and Welotec.

Advisories

Delta Advisory - Delta published an advisory that describes two stack-based buffer overflow vulnerabilities in their CNCSoft-G2 product.

Honeywell Advisory - Honeywell published an end-of-life notice for the legacy integrations in their Pro-Watch product.

HP Advisory #1 - HP published an advisory that discusses seven vulnerabilities in multiple HP product lines.

HP Advisory #2 - HP published an advisory that discusses six vulnerabilities (with publicly available exploits) in multiple PC product lines.

HP Advisory #3 - HP published an advisory that discusses four vulnerabilities in multiple product lines.

HPE Advisory - HPE published an advisory that discusses an out-of-bounds read vulnerability in their HPE Superdome Flex and Compute Scale-up Server 3200.

Philips Advisory - Philips published an advisory that discusses the Shai-Hulud worm.

Rockwell Advisory - Rockwell published an advisory that discusses a stack-based buffer overflow vulnerability in their Stratix products.

WAGO Advisory - CERT-VDE published an advisory that describes two missing authentication for critical function vulnerabilities in the WAGO Software Device Sphere and Software Solution Builder.

Updates

HPE Update - HPE published an update for their Blast-RADIUS advisory that was originally published on July 9th, 2024, and most recently updated on January 22nd, 2025.

WAGO Update - CERT-VDE published an update for the WAGO 750-8xx Controller advisory that was originally published on August 17th, 2018, and most recently updated on May 22nd, 2025.

Welotec Update - CERT-VDE published an update for the Welotec SmartEMS Upload advisory that was originally published on September 10th, 2025.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-0a8 - subscription required.
