LINK As stated above, if you have Firefox or Thunderbird, upgrade now.
LINK Apache Tomcat did not correctly parse the HTTP transfer-encoding request header in some circumstances, leading to the possibility of request smuggling when used with a reverse proxy. Specifically: Tomcat incorrectly ignored the transfer-encoding header if the client declared it would only accept an HTTP/1.0 response; Tomcat honoured the identity encoding; and Tomcat did not ensure that, if present, the […]
LINK A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
LINK Mitsubishi Electric released some new updates for AC systems. Take a look if you have them.
LINK SolarWinds Serv-U FTP software has been found to have a Remote memory escape – if you use Serv-U, time to update it.
LINK Essentially, they are saying the patch was released as it was meant to be installed, but additional actions are required for registry changes that set Point and Print to an insecure configuration. In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings. After applying the security update, review the registry settings […]
LINK Cisco released a bunch of new updates… Take a look if you have any Cisco systems.
LINK This is going to be a long, complex issue with more coming…
LINK 4 vulnerabilities found in Sage X3, with one being an RCE requiring no authentication.
LINK If you have Windows… we have an update for you.