Saturday, October 4, 2025

Review – Public ICS Disclosures – Week of 9-27-25 - Part 1

This week we have a moderately busy disclosure week. We have a bulk disclosure from Splunk (7). We also have nine vendor disclosures from ABB, Cisco, Hitachi (3), Hitachi Energy (2), and HP (2).

Bulk Disclosure – Splunk

Third Party Packages in Splunk Enterprise SVD-2025-1007,

Splunk Enterprise server-side request forgery SVD-2025-1006,

Splunk Enterprise multiple LDAP bind requests SVD-2025-1005,

Splunk Enterprise XML external entity (XXE) injection SVD-2025-1004,

Splunk Enterprise execution of unauthorized JavaScript code SVD-2025-1003,

Splunk Enterprise execution of unauthorized JavaScript code SVD-2025-1002, and

Splunk Enterprise exposing sensitive search results SVD-2025-1001

Advisories

ABB Advisory - ABB published an advisory that describes a heap-based buffer overflow vulnerability in their Terra AC wallbox (JP) product.

Cisco Advisory - Cisco published an advisory that discusses two cross-site scripting vulnerabilities in their Cyber Vision Center product.

Hitachi Advisory #1 - Hitachi published an advisory that discusses 13 vulnerabilities (one with publicly available exploits) in their Ops Center Common Services product.

Hitachi Advisory #2 - Hitachi published an advisory that discusses 18 vulnerabilities (three with publicly available exploits) in multiple Hitachi products.

Hitachi Advisory #3 - Hitachi published an advisory that discusses two vulnerabilities in multiple Hitachi products.

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that describes an improper output neutralization for logs vulnerability in their Asset Suite product.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes three vulnerabilities in their MACH GWS product.

HP Advisory #1 - HP published an advisory that discusses nine vulnerabilities in multiple HP thin client PCs.

HP Advisory #2 - HP published an advisory that describes an improper input validation vulnerability in their Support Assistant product.


For more information on these disclosures, including links to third-party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-9-4bc - subscription required.
