Znuny Vulnerabilities - Remote Attack Possible

CERT-Bund has issued a security advisory for Znuny, an open-source ticketing software, detailing multiple vulnerabilities with a CVSS base score of 7.5. These vulnerabilities allow for remote attacks, including information disclosure, data manipulation, and cross-site scripting. Mitigation is available.

Red Hat Enterprise Linux ncurses Vulnerability Allows Code Execution

CERT-Bund has issued an advisory for a vulnerability in Red Hat Enterprise Linux (ncurses) that allows local attackers to execute arbitrary code. The advisory assigns a CVSS Base Score of 7.3 (high) and a Temporal Score of 6.4 (medium). Mitigation is available.

Cisco IOS/XE Vulnerabilities - Remote Attack Possible

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Cisco IOS and IOS XE software, with a CVSS base score of 8.6. These vulnerabilities allow for remote attacks, potentially leading to extended privileges, code execution, and denial-of-service conditions. Mitigation measures are available.

Docker Vulnerabilities Advisory

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Docker, with a CVSS base score of 8.8. The vulnerabilities allow local attackers to bypass security measures and disclose information. A patch is available.

Cisco Catalyst SD-WAN Manager XSS Vulnerability

CERT-Bund has issued a security advisory for Cisco Catalyst SD-WAN Manager, detailing a Cross-Site Scripting (XSS) vulnerability. The advisory provides affected product versions and a CVSS score indicating a medium severity. Mitigation guidance is available.

IBM Operational Decision Manager Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in IBM Operational Decision Manager. The vulnerabilities, with a base CVSS score of 7.4, allow attackers to bypass security measures and manipulate files. Affected versions include various interim fixes across multiple release lines.

libpng Vulnerabilities Allow Remote Code Execution and Denial of Service

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in the libpng library, affecting versions prior to 1.6.56. These vulnerabilities could allow remote attackers to execute arbitrary code or cause a denial of service. The advisory provides mitigation information and details on affected systems.

SolarWinds Platform XSS Vulnerabilities Identified

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in the SolarWinds Platform that could allow for Cross-Site Scripting (XSS) attacks. The advisory provides details on affected versions and mitigation strategies. The identified vulnerabilities have a CVSS Base Score of 6.5, rated as medium.

Langflow Vulnerability Allows File Manipulation

CERT-Bund has issued a security advisory for Langflow versions prior to 1.5.1 and Langflow Base prior to 0.5.1, detailing a vulnerability that allows remote, authenticated attackers to manipulate files. The advisory highlights a CVSS base score of 8.8, indicating a high severity.

IBM InfoSphere Information Server Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory for IBM InfoSphere Information Server, detailing a vulnerability that allows remote attackers to bypass security measures. The advisory provides a CVSS base score of 6.5 and affects versions prior to 11.7.1.6 DT458455 on Linux, UNIX, and Windows systems.