Alerts

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform cross-site request forgery attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privilege, perform denial of services attacks, or execute arbitrary commands and gain access to the affected product. […]

Google has released an updated Chrome version 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google

F5 has released security updates to address multiple vulnerabilities across BIG-IP and BIG-IQ. The addressed vulnerabilities could allow the remote attacker to conduct cross-site scripting attacks or bypass security restrictions and gain elevated privileges to the affected product. The addressed vulnerabilities: 1. BIG-IP Monitors Security Bypass Vulnerability (CVE-2024-45844): CVSS: 7.2 Attack Vector: Network Attack Complexity:

SolarWinds has released security updates to address multiple vulnerabilities affecting several SolarWinds products. The addressed vulnerabilities could allow the attacker to gain elevated privilege, obtain sensitive information, or perform cross-site scripting attacks on the affected system. Sample of the addressed vulnerabilities: 1. SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability (CVE-2024-45710): CVSS: 7.8

SonicWall has released security updates to fix multiple vulnerabilities across several SonicWall products. The addressed vulnerabilities could allow the attacker to gain unauthorized access, perform server-side request forgery attacks, gain elevated privilege, or perform denial of service attacks on the affected products. Sample of the addressed vulnerabilities: 1- SonicWALL SMA1000 Connect Tunnel Windows Client Link

Juniper has released security updates to fix multiple vulnerabilities affecting several products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and take full control of the affected products. Sample of the addressed vulnerabilities: 1- Junos OS Evolved: ACX 7000 Series: Improper Restriction of Communication Channel

VMware has released a security update to address several vulnerabilities across multiple VMware products. The addressed vulnerabilities could allow the attacker to gain elevated privileges (obtain permissions from a separate group role than previously assigned), perform spoofing attacks, or execute arbitrary code by crafting malicious payloads on the operating system as root. Sample of the

Google has released an updated Chrome version “129.0.6668.100/.101” for Windows and Mac and “129.0.6668.100” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP BusinessObjects Business Intelligence Platform, SAP Enterprise Project Connection, SAP PDCE, SAP NetWeaver, SAP Commerce Backoffice, SAP HANA Client, SAP S/4 HANA, SAP Student Life Cycle Management

Microsoft has released an updated Microsoft Edge version “129.0.2792.79” and Microsoft Edge extended version “128.0.2739.107” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed

Google has released an updated Chrome version 129.0.6668.89/.90 for Windows, Mac, and 129.0.6668.89 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Integer Overflow in Layout

Linux has released security updates to address several vulnerabilities in OpenPrinting CUPS. The addressed vulnerabilities could allow the unauthenticated attacker to silently replace existing printers (or install new ones) IPP urls with a malicious one, and execute arbitrary commands in the affected product when a print job is started. Sample of the addressed vulnerabilities: 1.

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of services attacks, bypass security restrictions, conduct cross-site scripting attacks, and cross-site request forgery attacks on the affected product. Sample of the addressed vulnerabilities: 1. Cisco Catalyst SD-WAN Routers

Google has released an updated Chrome version 129.0.6668.70/.71 for Windows, and Mac and 129.0.6668.70 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google