Alerts

Adobe has released security updates to fix two vulnerabilities affecting Adobe Commerce and Adobe Audition. The addressed vulnerabilities could allow the attacker to obtain sensitive information or bypass security restrictions on the affected systems. The addressed vulnerabilities: 1. Adobe Commerce Server-Side Request Forgery Vulnerability (CVE-2024- 49521): CVSS: 7.7 Attack Vector: Network Attack Complexity: Low Privileges […]

Citrix has released security updates to address several vulnerabilities affecting multiple Citrix products including a zero-day vulnerability. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Citrix Improper Restriction of Operations

Zoom has released security updates to fix several vulnerabilities in multiple Zoom products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, or obtain sensitive information and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Zoom Apps Privilege Escalation Vulnerability (CVE-2024-45421): CVSS: 8.5 Attack

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver, SAP Web Dispatcher, SAP PDCE, SAP Host Agent, SAP Cash Management, and SAP Bank Account Management. The attacker could exploit some of these vulnerabilities to

Veeam has released a security update to fix a vulnerability affecting Veeam Backup Enterprise Manager (VBEM). The addressed vulnerability could allow the remote attacker to bypass the authentication while performing a Man-in-the-Middle (MITM) attack. Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715): CVSS: 7.7 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Consequences:

Google has released an updated Chrome version 130.0.6723.116/.117 for Windows, Mac and 130.0.6723.116 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10826):

Apple has released security updates to address several vulnerabilities across macOS Ventura, macOS Sequoia, macOS Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, perform denial of services attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Apple

Google has released an updated Chrome version 130.0.6723.91/.92 for Windows, Mac and 130.0.6723.91 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2024-10488):

Mozilla has released an updated Firefox version 132, Firefox ESR versions 128.4, and 115.17 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected system. Sample of the

Google has released an updated Chrome version 130.0.6723.69/.70 for Windows, Mac and 130.0.6723.69 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome

Microsoft has released an updated Microsoft Edge version “130.0.2849.46” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform spoofing attacks, execute arbitrary code, and gain access to the affected system, by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform cross-site request forgery attacks, conduct cross-site scripting attacks, obtain sensitive information, gain elevated privilege, perform denial of services attacks, or execute arbitrary commands and gain access to the affected product.

Google has released an updated Chrome version 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google

F5 has released security updates to address multiple vulnerabilities across BIG-IP and BIG-IQ. The addressed vulnerabilities could allow the remote attacker to conduct cross-site scripting attacks or bypass security restrictions and gain elevated privileges to the affected product. The addressed vulnerabilities: 1. BIG-IP Monitors Security Bypass Vulnerability (CVE-2024-45844): CVSS: 7.2 Attack Vector: Network Attack Complexity: