Alerts

Google has released an updated Chrome version “127.0.6533.99/.100” for Windows and Mac, and version “127.0.6533.99” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Website. Sample of

Google has released an updated Chrome version “127.0.6533.72/73” for Windows, and Mac, and version “127.0.6533.72” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Microsoft has released an updated Microsoft Edge Stable Channel version “127.0.2651.74” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Aruba has released security updates to fix multiple vulnerabilities affecting several HPE Aruba products. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform cross-site scripting attacks, or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: 1. EdgeConnect SD-WAN Orchestrator Cross-Site Scripting Vulnerability (CVE-2024-41914): CVSS:

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play that’s designed to target VMware ESXi environments. Play ransomware, also known as PlayCrypt, was first observed in late June 2022 targeting various industries, such as finance, education, healthcare, insurance, technology, and telecommunications. Play ransomware is known for its double extortion

Microsoft has released an updated Microsoft Edge version “126.0.2592.113” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge Code

Ivanti has released security updates to fix several vulnerabilities in Ivanti Endpoint Manager (EPM), (EPMM) for mobile, and Ivanti Docs@Work for Android. The addressed vulnerabilities could allow the attacker to obtain sensitive information, manipulate data, bypass security restrictions, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1.

SonicWall has released security updates to fix several vulnerabilities affecting multiple SonicWall products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. SonicOS IPSec VPN Heap-Based Buffer Overflow Vulnerability (CVE-2024-40764): CVSS: 7.5 Attack

Google has released an updated Chrome version “126.0.6478.182/183” for Windows and Mac, and version “126.0.6478.182” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Splunk has released security updates to fix multiple vulnerabilities affecting Splunk Enterprise and Splunk Cloud Platform. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, obtain sensitive information, bypass security restrictions, conduct denial of service attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities:

Juniper has released security updates to fix several vulnerabilities across multiple versions of Junos OS and Junos OS Evolved. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain sensitive information, bypass security restrictions, gain elevated privileges, or execute arbitrary commands and gain access to the affected product by sending specially

VMware has released security updates to address multiple vulnerabilities across several VMware products. The addressed vulnerabilities could enable the attacker to perform cross-site scripting attacks, bypass security controls, conduct denial of service attacks, or gain unauthorized read/write operations in the database by sending specially crafted SQL statements. Sample of the addressed vulnerabilities: 1. VMware Aria

Mozilla has released an updated Firefox version 128, and Firefox ESR version 115.13 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, gain elevated privileges, gain unauthorized access, obtain sensitive information, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1.