Alerts

Microsoft has released an updated Microsoft Edge Stable Channel (Version 128.0.2739.42) to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privileges, bypass security restrictions, execute buffer overflow attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Buffer Overflow […]

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, execute SQL injection attacks, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco

Google has released an updated Chrome version “128.0.6613.84/.85” for Windows and Mac, and version “128.0.6613.84” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Atlassian has released security updates to fix several vulnerabilities across multiple Atlassian products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, conduct cross-site request forgery and server-side request forgery attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Atlassian Crowd

F5 has released security updates to address several vulnerabilities across multiple F5 products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain a user’s session cookies, and continue to use that session to access BIG-IP Next Central Manager or gain access to the affected systems. Sample of the addressed vulnerabilities:

Palo Alto has released security updates to fix multiple vulnerabilities across several Palo Alto products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, conduct information disclosure, or execute arbitrary commands and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Palo Alto Cortex XSOAR Command Injection in CommonScripts Pack

Intel has released security updates to address several vulnerabilities across multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, conduct an information disclosure, perform denial of service attacks, obtain sensitive information, and gain access to the affected systems. Samples of the addressed vulnerabilities: 1. Intel® Ethernet Complete Driver Pack Escalation

Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct an information disclosure via network access, or gain elevated privileges to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Zoom Workplace

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass the file integrity checking system, allow a read-write user to modify admin passwords via the device configuration backup, and perform OS command injection attacks to execute shell code as

FreeBSD systems have released a security update to address a vulnerability across FreeBSD openssh. The addressed vulnerability could allow the remote unauthenticated attacker to execute arbitrary code with root privileges, and gain access to the affected system by sending a specially crafted request. The addressed vulnerability: FreeBSD Code Execution Vulnerability (CVE-2024-7589): CVSS: 8.1 Attack Vector:

Mozilla has released an updated Firefox version 129, Firefox ESR version 115.14, and version 128.1 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: