Alerts

Google has released an updated Chrome version “124.0.6367.207/.208” for Windows and Mac, and version “124.0.6367.207” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-4761): CVSS: 8.8 Attack […]

Apple has released security updates to address multiple vulnerabilities across macOS Ventura, macOS Monterey, macOS Sonoma, and Safari. he addressed vulnerabilities could allow a local attacker to gain elevated privileges, bypass security restrictions, obtain information, or gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Apple macOS Sonoma Privilege Escalation Vulnerability (CVE-2024-27796):

VMware has released a security update to address several vulnerabilities in VMware Avi Load Balancer. The addressed vulnerabilities could allow the remote authenticated attacker to obtain sensitive information, or gain elevated privileges to create, modify, execute, and delete files as a root user on the affected system by sending a specially crafted request. The addressed

Microsoft has released an updated Microsoft Edge and Extended Stable Channel (Version 124.0.2478.97) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code

Google has released an updated Chrome version “124.0.6367.201/.202” for Windows and Mac, and version “124.0.6367.201” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-4671): CVSS: 8.8 Attack

F5 has released security updates to address several vulnerabilities in multiple F5 products. The addressed vulnerabilities could allow the authenticated remote attacker to perform denial of service attacks, conduct cross-site scripting attacks, manipulate data, view, add, modify, or delete information in the back-end database, obtain sensitive information, or bypass security restrictions on the affected system

Google has released an updated Chrome version “124.0.6367.155/.156” for Windows and Mac, and version “124.0.6367.155” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.80) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge Code Execution Vulnerability (CVE-2024-4331):

Cisco has released security updates to fix several vulnerabilities in Cisco IP Phone firmware. The addressed vulnerabilities could allow the unauthenticated, remote attacker to perform denial of service attacks, gain unauthorized access, or obtain sensitive information from the affected system. Sample of the addressed vulnerabilities: 1. Cisco IP Phone Denial of Service Vulnerability (CVE-2024-20376): CVSS:

Google has released an updated Chrome version “124.0.6367.118/.119” for Windows and Mac, and version “124.0.6367.118” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. Google Chrome Code Execution Vulnerability

SonicWall has released a security update to fix two vulnerabilities affecting SonicWall GMS (Virtual Appliance, Windows) – 9.3.4 and earlier versions. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or obtain sensitive information from the affected product. The addressed vulnerabilities: 1. GMS ECM Hard-Coded Credential Authentication Bypass Vulnerability (CVE- 2024-29011): CVSS:

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.67) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution Vulnerability

Cisco has released security updates to fix several vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software. The addressed vulnerabilities could allow the attacker to conduct denial of service attacks, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco ASA and

SolarWinds has released a security update to address two vulnerabilities affecting SolarWinds platform 2024.4.1 and prior versions. The addressed vulnerabilities could allow the attacker to manipulate data and view, add, modify, or delete information in the back-end database, or perform cross-site scripting (XSS) attacks using a specially crafted URL to execute script in the victim’s

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.51) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed

SolarWinds has released a security update to address a vulnerability affecting SolarWinds Serv-U 15.4.1.128 and prior versions. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system. SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28073): CVSS: 8.4 Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: