Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one actively exploited zero-day vulnerability. Microsoft has fixed (63) vulnerabilities, with (1) classified as critical, as it could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute […]
Microsoft November 2025 Patch Tuesday Read More »
Zoom has released a security update to fix multiple vulnerabilities in Zoom Client for Windows, macOS, Linux, and Android. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, obtain sensitive information, or gain elevated privileges to the affected system. Sample of the addressed vulnerabilities: 1. Zoom Workplace Clients-Inefficient Regular Expression Complexity Vulnerability
Zoom Security Update – 11 November 2025 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products, such as SAP SQL Anywhere Monitor (Non‑GUI), SAP Solution Manager, SAP NetWeaver, SAP HANA, SAP Business Connector, SAP S/4HANA (E‑Recruiting BSP), SAP Business One, SAP GUI for Windows, and
SAP Security Patch Day November 2025 Read More »
Google has released an updated version of Chrome “142.0.7444.134/.135” for Windows, “142.0.7444.135” for Mac, and “142.0.7444.134” for Linux. The addressed vulnerabilities could allow the attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google
Google Chrome Security Update – 09 November 2025 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, upload arbitrary files, bypass authentication, perform reflected cross-site scripting attacks, elevate privileges to root, obtain sensitive information, orexecute arbitrary commands/codes and gain access to the affected systems. Sample of addressed vulnerabilities:
Cisco Security Updates – 06 November 2025 Read More »
Apache has released security updates to address multiple vulnerabilities affecting Apache Tomcat. The addressed vulnerabilities could allow the attacker to perform denial-ofservice attacks, execute code, and gain access by sending a specially crafted URL to the affected system. Sample of the addressed vulnerabilities: 1. Apache Tomcat Console Manipulation Via Escape Sequences in Log Messages Vulnerability
Apache Tomcat Security Updates – 05 November 2025 Read More »
Progress has released a security update to address several vulnerabilities affecting Progress MOVEit-Transfer and Progress Flowmon. The addressed vulnerabilities could allow the attacker to perform denial of service attacks or gain elevated privileges as root on the affected system during the initialization of SSH services. The addressed vulnerabilities: 1. Progress MOVEit Transfer Uncontrolled Resource Consumption
Progress Security Update – 04 November 2025 Read More »
Mozilla has released an updated Firefox version 144.0.2 to address critical vulnerability The addressed vulnerability could allow the attacker to execute arbitrary code and gain access to the affected system. Mozilla Firefox Use-after-free in WebGPU internals triggered from a compromised child process (CVE-2025-12380): CVSS: 9.8 Attack Vector: Network Attack Complexity: Low Privileges Required: None User
Mozilla FireFox Security Update – 02 November 2025 Read More »
Oracle released its critical patch updates for October 2025, containing 374 new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks, such as obtaining sensitive information, conducting denial of service attacks, performing data manipulation (update, insert, or delete access), or executing
Oracle Security Patch Update – 22 October 2025 Read More »
Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, manipulate files, or execute arbitrary code/commands and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Unauthorized Filesystem Operations in System Firmware
Aruba Security Updates – 20 October 2025 Read More »
ConnectWise has released a security update to fix multiple vulnerabilities in ConnectWise Automate. The addressed vulnerabilities could allow the attacker to perform adversary-inthe- middle (AitM) attacks to view or modify traffic or substitute malicious updates and obtain sensitive information by configuring agents to communicate over HTTP instead of HTTPS. Sample of the addressed vulnerabilities: ConnectWise
ConnectWise Security Update – 19 October 2025 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct cross-site scripting attacks, or obtain sensitive information in clear text on the affected system. Sample of addressed vulnerabilities: Cisco Desk Phone, IP Phone, and Video Phone with SIP
Cisco Security Updates – 16 October 2025 Read More »
Mozilla has released an updated Firefox version 144, Firefox ESR versions 115.29 and 140.4 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, perform cross-site scripting attacks, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Mozilla Firefox
Mozilla Firefox Security Updates – 16 October 2025 Read More »
F5 has released security updates to address several vulnerabilities affecting multiple F5 products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, corrupt memory, bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code/commands, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. F5OS-A and
F5 Security Updates – 15 October 2025 Read More »
Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to perform denial of service or cross-site scripting attacks, bypass security restrictions, gain elevated privileges, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Adobe Connect Cross-Site
Adobe Security Updates – 15 October 2025 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, bypass security restrictions, conduct cross-site scripting or denial of service attacks, read arbitrary files via uploading a malicious solution pack, or execute arbitrary code and gain access to
Fortinet Security Updates – 15 October 2025 Read More »
Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, manipulate data, obtain sensitive information, or execute arbitrary code, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Ivanti Endpoint Manager Path Traversal Vulnerability
Ivanti Security Updates – 15 October 2025 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed six zero-day vulnerabilities. Microsoft has fixed (175) vulnerabilities, with (5) classified as critical, as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code
Microsoft October 2025 Patch Tuesday Read More »
Veeam has released a security update to fix several vulnerabilities across multiple Veeam products. The addressed vulnerabilities could allow the attacker to gain elevated privileges or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Veeam Backup & Replication Remote Code Execution Vulnerability (CVE- 2025-48983): CVSS: 9.9 Attack
Veeam Security Update – 14 October 2025 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products, such as SAP NetWeaver, SAP S/4HANA, SAP Supplier Relationship Management, SAP NetWeaver Application Server ABAP, SAP BusinessObjects, SAP Print Service, and SAP Commerce Cloud. The attacker could exploit some
SAP Security Patch Day October 2025 Read More »
