Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed four zero-day vulnerabilities. Microsoft has fixed (91) vulnerabilities, with (4) classified as critical as they could allow the attacker to gain elevated privileges or execute arbitrary code and gain access to the affected products by persuading the victim […]
Microsoft November 2024 Patch Tuesday Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver, SAP Web Dispatcher, SAP PDCE, SAP Host Agent, SAP Cash Management, and SAP Bank Account Management. The attacker could exploit some of these vulnerabilities to
SAP November 2024 Security Patch Day Read More »
Veeam has released a security update to fix a vulnerability affecting Veeam Backup Enterprise Manager (VBEM). The addressed vulnerability could allow the remote attacker to bypass the authentication while performing a Man-in-the-Middle (MITM) attack. Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715): CVSS: 7.7 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Consequences:
Veeam Security Update – 10 November 2024 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of services attacks, bypass security restrictions, conduct cross-site scripting attacks, obtain sensitive information, manipulate data, execute arbitrary codes/SQL commands, and gain access to the affected system. Sample of the addressed vulnerabilities: Cisco
Cisco Security Updates – 07 November 2024 Read More »
Aruba has released security updates to fix multiple vulnerabilities affecting Aruba Access Points running Instant AOS-8 and AOS 10. The addressed vulnerabilities could allow the remote attacker to execute arbitrary commands and gain access to the affected product by sending a specially crafted request via UDP port 8211. Sample of the addressed vulnerabilities: HPE Aruba
Aruba Security Updates – 06 November 2024 Read More »
Google has released an updated Chrome version 130.0.6723.116/.117 for Windows, Mac and 130.0.6723.116 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10826):
Google Chrome Security Update – 06 November 2024 Read More »
Apple has released security updates to address several vulnerabilities across macOS Ventura, macOS Sequoia, macOS Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, perform denial of services attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Apple
Apple Security Updates 03 November 2024 Read More »
Google has released an updated Chrome version 130.0.6723.91/.92 for Windows, Mac and 130.0.6723.91 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10488):
Google Chrome Security Update – 30 October 2024 Read More »
Mozilla has released an updated Firefox version 132, Firefox ESR versions 128.4, and 115.17 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected system. Sample of the
Mozilla Firefox Security Updates – 30 October 2024 Read More »
Cisco has released security updates to fix multiple vulnerabilities affecting several Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform cross-site request forgery attacks, perform cross-site scripting attacks, obtain sensitive information, perform SQL injection attacks, gain elevated privilege, perform denial of services attacks, or execute arbitrary commands and gain access
Report Summary Cisco Security Updates – 24 October 2024 Read More »
Fortinet has released security updates to fix multiple vulnerabilities across several Fortinet products The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, perform denial of services attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. FG-IR-24-423 Missing Authentication in Fgfmsd Vulnerability
Fortinet Security Updates – 24 October 2024 Read More »
Grafana has released security updates to address multiple vulnerabilities affecting several Grafana versions. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: Grafana SQL Expressions Code Execution Vulnerability (CVE-2024-9264): CVSS: 9.9 Attack Vector: Network
Grafana Security Updates – 23 October 2024 Read More »
Google has released an updated Chrome version 130.0.6723.69/.70 for Windows, Mac and 130.0.6723.69 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome
Google Chrome Security Update – 23 October 2024 Read More »
Microsoft has released an updated Microsoft Edge version “130.0.2849.46” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform spoofing attacks, execute arbitrary code, and gain access to the affected system, by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge
Microsoft Edge Security Update – 20 October 2024 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform cross-site request forgery attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privilege, perform denial of services attacks, or execute arbitrary commands and gain access to the affected product.
Cisco Security Updates – 17 October 2024 Read More »
Google has released an updated Chrome version 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google
Google Chrome Security Update – 17 October 2024 Read More »
F5 has released security updates to address multiple vulnerabilities across BIG-IP and BIG-IQ. The addressed vulnerabilities could allow the remote attacker to conduct cross-site scripting attacks or bypass security restrictions and gain elevated privileges to the affected product. The addressed vulnerabilities: 1. BIG-IP Monitors Security Bypass Vulnerability (CVE-2024-45844): CVSS: 7.2 Attack Vector: Network Attack Complexity:
F5 Security Updates – 17 October 2024 Read More »
SolarWinds has released security updates to address multiple vulnerabilities affecting several SolarWinds products. The addressed vulnerabilities could allow the attacker to gain elevated privilege, obtain sensitive information, or perform cross-site scripting attacks on the affected system. Sample of the addressed vulnerabilities: 1. SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability (CVE-2024-45710): CVSS: 7.8
SolarWinds Security Updates – 16 October 2024 Read More »
Oracle released its critical patch updates for October 2024, containing (334) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, performing denial of service attacks, conducting cross-site scripting attacks, bypassing security restrictions, gaining elevated privileges,
Oracle Security Patch Update – 16 October 2024 Read More »
SonicWall has released security updates to fix multiple vulnerabilities across several SonicWall products. The addressed vulnerabilities could allow the attacker to gain unauthorized access, perform server-side request forgery attacks, gain elevated privilege, or perform denial of service attacks on the affected products. Sample of the addressed vulnerabilities: 1- SonicWALL SMA1000 Connect Tunnel Windows Client Link
SonicWall Security Updates – 13 October 2024 Read More »
