Alerts

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, gain elevated privileges, or obtain sensitive information and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Intel® Xeon® Processor with Intel® SGX Privilege Escalation (CVE-2024-23918): CVSS: 8.8 […]

Google has released an updated Chrome version 131.0.6778.69/.70 for Windows, and Mac and 131.0.6778.69 for Linux The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted HTML page. Sample of the addressed vulnerabilities:

Ivanti has released security updates to fix several critical vulnerabilities across multiple Ivanti products The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, escalate elevated privileges, conduct cross-site scripting attacks, data manipulation (view, modify, add, delete), bypass security restrictions, or execute arbitrary code and gain access to the affected systems.

Adobe has released security updates to fix two vulnerabilities affecting Adobe Commerce and Adobe Audition. The addressed vulnerabilities could allow the attacker to obtain sensitive information or bypass security restrictions on the affected systems. The addressed vulnerabilities: 1. Adobe Commerce Server-Side Request Forgery Vulnerability (CVE-2024- 49521): CVSS: 7.7 Attack Vector: Network Attack Complexity: Low Privileges

Citrix has released security updates to address several vulnerabilities affecting multiple Citrix products including a zero-day vulnerability. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Citrix Improper Restriction of Operations

Zoom has released security updates to fix several vulnerabilities in multiple Zoom products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, or obtain sensitive information and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Zoom Apps Privilege Escalation Vulnerability (CVE-2024-45421): CVSS: 8.5 Attack

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver, SAP Web Dispatcher, SAP PDCE, SAP Host Agent, SAP Cash Management, and SAP Bank Account Management. The attacker could exploit some of these vulnerabilities to

Veeam has released a security update to fix a vulnerability affecting Veeam Backup Enterprise Manager (VBEM). The addressed vulnerability could allow the remote attacker to bypass the authentication while performing a Man-in-the-Middle (MITM) attack. Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715): CVSS: 7.7 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Consequences:

Google has released an updated Chrome version 130.0.6723.116/.117 for Windows, Mac and 130.0.6723.116 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10826):

Apple has released security updates to address several vulnerabilities across macOS Ventura, macOS Sequoia, macOS Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, perform denial of services attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Apple

Google has released an updated Chrome version 130.0.6723.91/.92 for Windows, Mac and 130.0.6723.91 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10488):

Mozilla has released an updated Firefox version 132, Firefox ESR versions 128.4, and 115.17 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected system. Sample of the

Google has released an updated Chrome version 130.0.6723.69/.70 for Windows, Mac and 130.0.6723.69 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome

Microsoft has released an updated Microsoft Edge version “130.0.2849.46” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform spoofing attacks, execute arbitrary code, and gain access to the affected system, by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge