Google has released an updated Chrome version “133.0.6943.53/54” for Windows and Mac and “133.0.6943.53” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected systems by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. […]
Google Chrome Security Update – 05 February 2025 Read More »
Veeam has released a security update to fix a critical vulnerability across multiple Veeam products. The addressed vulnerability could allow the remote attacker to utilize a Man-in-the-Middle attack to execute arbitrary code with root-level permissions and gain access to the affected systems. Veeam Backup Arbitrary Code Execution Vulnerability (CVE-2025-23114): CVSS: 9.0 Attack Vector: Network Attack
Veeam Security Update – 05 February 2025 Read More »
VMware has released a security update to address multiple vulnerabilities affecting several VMware products. The addressed vulnerabilities could allow the remote attacker to gain elevated privileges, perform cross-site scripting attacks, or obtain sensitive information about the affected systems. Sample of the addressed vulnerabilities: 1. VMware Aria Operations for Logs Information Disclosure Vulnerability (CVE-2025-22218): CVSS: 8.5
VMware Security Update – 02 February 2025 Read More »
Apple has released security updates to address multiple vulnerabilities across macOS Sequoia, Sonoma, Ventura, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, conduct spoofing attacks, obtain sensitive information, perform denial of services attacks, gain elevated privileges, or execute arbitrary code and gain access to the affected systems. Sample of the
Apple Security Updates – 02 February 2025 Read More »
VMware has released a security update to address a vulnerability affecting VMware Avi Load Balancer. The addressed vulnerability could allow the remote attacker to perform blind SQL injection attacks and gain access to the affected system. VMware Avi Load Balancer unauthenticated Blind SQL Injection Vulnerability (CVE-2025-22217): CVSS: 8.6 Attack Vector: Network Attack Complexity: Low Privileges
VMware Security Update – 29 January 2025 Read More »
Cisco has released security updates to fix multiple vulnerabilities affecting several Cisco products. The addressed vulnerabilities could allow the attacker to conduct denial of services attacks, bypass security restrictions, perform cross-site scripting attacks, obtain sensitive information, or gain elevated privileges and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Cisco Meeting
Cisco Security Updates – 23 January 2025 Read More »
Google has released an updated Chrome version “132.0.6834.110/111” for Windows and Mac and “132.0.6834.110” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary codes and gain access to the affected systems. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2025-0611): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low Privileges
Google Chrome Security Update – 23 January 2025 Read More »
SonicWall has released a security update to fix a critical vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) version 12.4.3-02804 and earlier versions. The addressed vulnerability could allow the remote unauthenticated attacker to execute arbitrary OS commands and gain unauthorized access to the affected systems. SonicWALL SMA1000 Pre-Authentication Remote Command
SonicWall Security Update – 23 January 2025 Read More »
Oracle released its critical patch updates for January 2025, containing (318) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, gaining elevated privileges, conducting denial of service attacks, performing data manipulation (update, insert, or delete
Oracle Security Patch Update – 22 January 2025 Read More »
Aruba has released security updatesto fix several vulnerabilities affecting multiple Aruba products. The addressed vulnerabilities could allow the attacker to manipulate data to view, add, modify, delete, or execute arbitrary commands/codes and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. HPE Aruba Authenticated Remote Code Execution in AOS Web-based Management Interface
Aruba Security Updates – 21 January 2025 Read More »
Microsoft has released an updated version of Microsoft Edge “132.0.2957.115” and a version of Microsoft Edge Update Setup “1.3.195.43” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform spoofing attacks, obtain sensitive information, gain elevated privileges, or gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Microsoft
Microsoft Edge Security Update – 19 January 2025 Read More »
Google has released an updated Chrome version “132.0.6834.83/84” for Windows and Mac and “132.0.6834.83” for Linux. The addressed vulnerabilities could allow the remote attacker to perform spoofing attacks, obtain sensitive information, gain elevated privileges, or gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Google Chrome Privilege Escalation Vulnerability (CVE-2025-0443): CVSS: 8.8
Google Chrome Security Update – 16 January 2025 Read More »
Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. obtain sensitive information, or perform denial-of-service attacks on the affected systems. Sample of the addressed Vulnerabilities: 1. Zoom Apps Privilege Escalation Vulnerability (CVE-2025-0147): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Consequences: Gain Privileges 2. Zoom
Zoom Security Updates – 15 January 2025 Read More »
Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the attacker to escalate elevated privileges, perform denial of service attacks, bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Ivanti EPM Path
Ivanti Security Updates – 15 January 2025 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, perform denial of services attacks, manipulate files, conduct SQL injection attacks, bypass security restrictions, perform cross-site scripting attacks, or execute arbitrary code and gain access to the affected
Fortinet Security Updates – 15 January 2025 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed eight zero-day vulnerabilities with three actively exploited in attacks. Microsoft has fixed (161) vulnerabilities, with (3) classified as critical as they could allow the attacker to conduct spoofing attacks, perform denial of service attacks, gain elevated privileges, obtain
Microsoft January 2025 Patch Tuesday Read More »
SAP has released security updates to address several vulnerabilities affecting multiple products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such SAP NetWeaver ABAP and ABAP Platform, SAP NetWeaver AS for ABAP and ABAP Platform, SAP BusinessObjects Business Intelligence Platform, SAPSetup, SAP Business Workflow, SAP Flexible Workflow, SAP NetWeaver Application
SAP January 2025 Security Patch Day Read More »
Aruba has released security updates to fix multiple vulnerabilities affecting Aruba Networking 501 Wireless Client and Aruba CX 10000 Switch Series. The addressed vulnerabilities could allow the attacker to bypass security restrictions or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: HPE Aruba Networking 501 Wireless Client Bridge
Aruba Security Updates – 09 January 2025 Read More »
Juniper has released security updates to fix several vulnerabilities affecting multiple Juniper Networks products. The addressed vulnerabilities could allow the attacker to obtain sensitive information or perform denial of service attacks to the affected products. Sample of the addressed vulnerabilities: 1. Juniper Networks Junos OS and Junos OS Evolved Denial of Service Vulnerability (CVE-2025-21599): CVSS:
Juniper Security Updates – 09 January 2025 Read More »
Mozilla has released an updated Firefox version 134, Firefox ESR versions 128.6, and 115.19 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to perform spoofing attacks, gain elevated privileges, bypass security restrictions or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Mozilla Firefox Memory
Mozilla FireFox Security Updates – 09 January 2025 Read More »
