Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to change the password of the users including administrative users, bypass security restrictions, perform spoofing attacks, cause denial of service attacks, elevate privileges to root, redirect the users to a malicious web page, obtain sensitive […]
Cisco Security Updates – 18 July 2024 Read More »
Oracle released its critical patch updates for July 2024, containing (386) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, performing denial of service attacks, bypassing security restrictions, data manipulation (view, modify, add, delete), executing
Oracle Security Patch Update – 17 July 2024 Read More »
Google has released an updated Chrome version “126.0.6478.182/183” for Windows and Mac, and version “126.0.6478.182” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Google Chrome Security Update – 17 July 2024 Read More »
Splunk has released security updates to fix multiple vulnerabilities affecting Splunk Enterprise and Splunk Cloud Platform. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, obtain sensitive information, bypass security restrictions, conduct denial of service attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities:
Splunk Security Updates – 14 July 2024 Read More »
Juniper has released security updates to fix several vulnerabilities across multiple versions of Junos OS and Junos OS Evolved. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain sensitive information, bypass security restrictions, gain elevated privileges, or execute arbitrary commands and gain access to the affected product by sending specially
Juniper Security Updates – 14 July 2024 Read More »
VMware has released security updates to address multiple vulnerabilities across several VMware products. The addressed vulnerabilities could enable the attacker to perform cross-site scripting attacks, bypass security controls, conduct denial of service attacks, or gain unauthorized read/write operations in the database by sending specially crafted SQL statements. Sample of the addressed vulnerabilities: 1. VMware Aria
VMware Security Updates – 14 July 2024 Read More »
Palo Alto has released security updates to fix multiple vulnerabilities across several Palo Alto products. The addressed vulnerabilities could allow the attacker to elevate privilege to root access, bypass security restrictions, execute untrusted software without being detected or blocked, and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Palo Alto Expedition
Palo Alto Security Updates – 14 July 2024 Read More »
Mozilla has released an updated Firefox version 128, and Firefox ESR version 115.13 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, gain elevated privileges, gain unauthorized access, obtain sensitive information, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1.
Mozilla FireFox Security Updates – 14 July 2024 Read More »
Citrix has released security updates to address several vulnerabilities across multiple Citrix products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, gain privileges, obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the affected system by sending a specially crafted request. Sample of the addressed
Citrix Security Updates – 10 July 2024 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP PDCE, SAP Commerce, SAP Landscape Management, SAP Document Builder, SAP NetWeaver Knowledge Management XMLEditor, CRM (WebClient UI), SAP Business Warehouse – Business Planning and Simulation, SAP
SAP July 2024 Security Patch Day Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the remote attacker to perform cross-site scripting attacks, obtain sensitive information, create users with elevated privileges, or execute arbitrary code or commands and gain unauthorized access to the affected system by sending specially crafted requests. Sample of
Fortinet Security Updates – 10 July 2024 Read More »
Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to conduct denial of service attacks, or gain elevated privileges to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Zoom Apps for Windows – Improper Input Validation (CVE-2024-27240):
Zoom Security Updates – 10 July 2024 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed four zero-day vulnerabilities. Microsoft has fixed (142) vulnerabilities, with (4) classified as critical as they could allow the attacker to execute arbitrary code, this could result in remote code execution, gain access, and gain elevated privileges to the
Microsoft July 2024 Patch Tuesday Read More »
Cisco has released a security update to address a vulnerability affecting Cisco NX-OS Software. The addressed vulnerability could allow the local attacker with administrative privileges to execute arbitrary code and gain access to the affected system by sending a specially crafted input. Cisco NX-OS Software Command Execution Vulnerability (CVE-2024-20399): CVSS: 6 Attack Vector: Local Attack
Cisco Security Update – 02 July 2024 Read More »
Apache has released a security update to address several vulnerabilities across Apache HTTP Server 2.4.58 and earlier. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information, execute arbitrary code, and gain access to the affected system by sending a specially crafted request. Sample of the
Apache Security Update – 02 July 2024 Read More »
OpenSSH released a security update to fix a vulnerability affecting all versions of OpenSSH between 8.5p1 and 9.7p1. The addressed vulnerability could allow the unauthenticated remote attacker to execute arbitrary code with root privileges and gain access to the affected system by sending specially crafted requests. OpenSSH Code Execution Vulnerability (CVE-2024-6387): CVSS: 9.8 Attack Vector:
OpenSSH Security Update – 01 July 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel (Version 126.0.2592.81) to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution Vulnerability (CVE-2024-6290):
Microsoft Edge Security Update – 01 July 2024 Read More »
Juniper has released security updates to fix a critical vulnerability that affects multiple Juniper products. The addressed vulnerability could allow the remote attacker to bypass security restrictions, bypass authentication, and take full control of the affected products by sending specially crafted requests. Juniper Networks Session Smart Router Security Bypass (CVE-2024-2973): CVSS: 10 Attack Vector: Network
Juniper Security Updates – 01 July 2024 Read More »
Progress has released a security update to address several vulnerabilities affecting WhatsUp Gold 23.1.2 and all older versions. The addressed vulnerability could allow the remote attacker to bypass security restrictions, perform denial of services attacks, gain elevated privileges, obtain sensitive information, upload arbitrary files, or execute arbitrary code and gain access to the affected system.
Progress WhatsUp Gold Security Update – 27 June 2024 Read More »
Fortra has released a security update to address several vulnerabilities in multiple Fortra products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, bypass security restrictions, or manipulate data and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276): CVSS: 9.8
Fortra Security Update – 27 June 2024 Read More »
