Alerts

Splunk has released security updates to fix multiple vulnerabilities affecting Splunk Enterprise and Splunk Cloud Platform. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, obtain sensitive information, bypass security restrictions, conduct denial of service attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: […]

Juniper has released security updates to fix several vulnerabilities across multiple versions of Junos OS and Junos OS Evolved. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain sensitive information, bypass security restrictions, gain elevated privileges, or execute arbitrary commands and gain access to the affected product by sending specially

VMware has released security updates to address multiple vulnerabilities across several VMware products. The addressed vulnerabilities could enable the attacker to perform cross-site scripting attacks, bypass security controls, conduct denial of service attacks, or gain unauthorized read/write operations in the database by sending specially crafted SQL statements. Sample of the addressed vulnerabilities: 1. VMware Aria

Mozilla has released an updated Firefox version 128, and Firefox ESR version 115.13 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, gain elevated privileges, gain unauthorized access, obtain sensitive information, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1.

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP PDCE, SAP Commerce, SAP Landscape Management, SAP Document Builder, SAP NetWeaver Knowledge Management XMLEditor, CRM (WebClient UI), SAP Business Warehouse – Business Planning and Simulation, SAP

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the remote attacker to perform cross-site scripting attacks, obtain sensitive information, create users with elevated privileges, or execute arbitrary code or commands and gain unauthorized access to the affected system by sending specially crafted requests. Sample of

Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to conduct denial of service attacks, or gain elevated privileges to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Zoom Apps for Windows – Improper Input Validation (CVE-2024-27240):

Cisco has released a security update to address a vulnerability affecting Cisco NX-OS Software. The addressed vulnerability could allow the local attacker with administrative privileges to execute arbitrary code and gain access to the affected system by sending a specially crafted input. Cisco NX-OS Software Command Execution Vulnerability (CVE-2024-20399): CVSS: 6 Attack Vector: Local Attack

Microsoft has released an updated Microsoft Edge Stable Channel (Version 126.0.2592.81) to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution Vulnerability (CVE-2024-6290):

Google has released an updated Chrome version “126.0.6478.126/127” for Windows and Mac, and version “126.0.6478.126” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution