Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct an information disclosure via network access, or gain elevated privileges to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Zoom Workplace […]
Zoom Security Updates – 14 August 2024 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass the file integrity checking system, allow a read-write user to modify admin passwords via the device configuration backup, and perform OS command injection attacks to execute shell code as
Fortinet Security Updates – 14 August 2024 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed nine zero-day vulnerabilities. Microsoft has fixed (89) vulnerabilities, with (8) classified as critical as they could allow the attacker to execute arbitrary code, which could result in remote code execution, gain access, and gain elevated privileges to the
Microsoft August 2024 Patch Tuesday Read More »
Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Ivanti Virtual Traffic Manager (vTM
Ivanti Security Updates – 14 August 2024 Read More »
Tenable has released security updates in Security Center Patch SC-202408.1 to fix multiple vulnerabilities across Apache to version 2.4.62 and libcurl to version 8.8.0. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, perform denial of service attacks, or execute arbitrary code and gain access to the affected system.
Tenable Security Updates – 14 August 2024 Read More »
FreeBSD systems have released a security update to address a vulnerability across FreeBSD openssh. The addressed vulnerability could allow the remote unauthenticated attacker to execute arbitrary code with root privileges, and gain access to the affected system by sending a specially crafted request. The addressed vulnerability: FreeBSD Code Execution Vulnerability (CVE-2024-7589): CVSS: 8.1 Attack Vector:
FreeBSD Security Update – 13 August 2024 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP BusinessObjects Business Intelligence Platform, SAP Build Apps, SAP BEx Web Java Runtime Export Web Service, SAP S/4 HANA, SAP NetWeaver AS Java, SAP Document Builder, SAP Business
Report Summary SAP August 2024 Security Patch Day Read More »
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, conduct cross-site scripting attacks, bypass security restrictions, or execute arbitrary commands at the root privilege level and gain access to the affected system by sending specially crafted HTTP
Cisco Security Updates – 08 August 2024 Read More »
Mozilla has released an updated Firefox version 129, Firefox ESR version 115.14, and version 128.1 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities:
Mozilla Firefox Security Updates – 08 August 2024 Read More »
Aruba has released security updates to fix multiple vulnerabilities affecting several HPE Aruba products. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform denial of service attacks, or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Unauthenticated Stack-Based Buffer Overflow (RCE) in the
Aruba Security Updates – 07 August 2024 Read More »
Google has released an updated Chrome version “127.0.6533.99/.100” for Windows and Mac, and version “127.0.6533.99” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Website. Sample of
Google Chrome Security Update – 07 August 2024 Read More »
Progress Telerik has released a security update to address a critical vulnerability affecting Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709). The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system. Progress Telerik OS Remote Code Execution Vulnerability (CVE-2024-6327): CVSS: 9.9 Attack Vector: Network
Progress Telerik Security Update – 29 July 2024 Read More »
Google has released an updated Chrome version “127.0.6533.72/73” for Windows, and Mac, and version “127.0.6533.72” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Google Chrome Security Update – 28 July 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel version “127.0.2651.74” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Microsoft Edge Security Update – 28 July 2024 Read More »
Aruba has released security updates to fix multiple vulnerabilities affecting several HPE Aruba products. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform cross-site scripting attacks, or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: 1. EdgeConnect SD-WAN Orchestrator Cross-Site Scripting Vulnerability (CVE-2024-41914): CVSS:
Aruba Security Updates 24 July 2024 Read More »
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play that’s designed to target VMware ESXi environments. Play ransomware, also known as PlayCrypt, was first observed in late June 2022 targeting various industries, such as finance, education, healthcare, insurance, technology, and telecommunications. Play ransomware is known for its double extortion
Play Ransomware – 23 July 2024 Read More »
Microsoft has released an updated Microsoft Edge version “126.0.2592.113” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge Code
Microsoft Edge Security Update – 21 July 2024 Read More »
SolarWinds has released security updates to address several vulnerabilities affecting SolarWinds Access Rights Manager. information, bypass security restrictions, or execute arbitrary code and gain access to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2024-23469): CVSS: 9.6 Attack Vector: Adjacent
SolarWinds Security Updates – 21 July 2024 Read More »
Ivanti has released security updates to fix several vulnerabilities in Ivanti Endpoint Manager (EPM), (EPMM) for mobile, and Ivanti Docs@Work for Android. The addressed vulnerabilities could allow the attacker to obtain sensitive information, manipulate data, bypass security restrictions, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1.
Ivanti Security Updates – 18 July 2024 Read More »
SonicWall has released security updates to fix several vulnerabilities affecting multiple SonicWall products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. SonicOS IPSec VPN Heap-Based Buffer Overflow Vulnerability (CVE-2024-40764): CVSS: 7.5 Attack
SonicWall Security Updates – 18 July 2024 Read More »
