OpenSSL has released a security update to fix a critical vulnerability across multiple OpenSSL versions. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected systems by sending a specially crafted request. OpenSSL Code Execution Vulnerability (CVE-2024-4741): CVSS: 9.8 Attack Vector: Network Attack Complexity: Low Privileges Required: […]
OpenSSL Security Update – 29 May 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel (Version 125.0.2535.67) to address multiple vulnerabilities. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge Code Execution Vulnerability (CVE-2024-5160):
Microsoft Edge Security Update – 26 May 2024 Read More »
Google has released an updated Chrome version “125.0.6422.112/.113” for Windows and Mac, and version “125.0.6422.112” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-5274): CVSS: 8.8 Attack
Google Chrome Security Update – 26 May 2024 Read More »
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, conduct denial of service attacks, or manipulate data to view, add, modify, or delete information by sending specially crafted SQL statements to the affected product. Sample of the addressed vulnerabilities: 1.
Cisco Security Updates – 23 May 2024 Read More »
SolarWinds has released security updates to address several vulnerabilities across multiple SolarWinds products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, overwrite arbitrary files, perform cross-site scripting attacks, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. SolarWinds Access Rights Manager Code Execution (CVE-2024-28075):
SolarWinds Security Updates – 22 May 2024 Read More »
Veeam has released security updates to fix several vulnerabilities across multiple Veeam products. The addressed vulnerabilities could allow the attacker to obtain sensitive information or gain elevated privileges to the affected products. Sample of the addressed vulnerabilities: Veeam Backup Enterprise Manager Privilege Escalation Vulnerability (CVE-2024- 29849): CVSS: 9.8 Attack Vector: Network Attack Complexity: Low Privileges
Veeam Security Updates – 22 May 2024 Read More »
Ivanti has released security updates to fix multiple vulnerabilities across Ivanti products. The addressed vulnerabilities could allow the attacker to conduct denial of service attacks, obtain sensitive information, perform cross-site scripting attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Ivanti EPM Core Server SQL Injection
Ivanti Security Updates – 22 May 2024 Read More »
VMware has released a security update to address several vulnerabilities across multiple VMware products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, cause out-of-bounds read/write flaws, or execute arbitrary code and gain access to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. VMware ESXi, Workstation,
VMware Security Update – 22 May 2024 Read More »
Google has released an updated Chrome version “125.0.6422.76/.77” for Windows and Mac, and version “125.0.6422.76” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Buffer Overflow
Google Chrome Security Update- 22 May 2024 Read More »
Drupal has released a security update to fix a vulnerability in Drupal’s RESTful Web Services. The addressed vulnerability could allow the remote attacker to bypass security restrictions by sending a specially crafted request to the affected products. Drupal RESTful Web Services Access Bypass (SA-CONTRIB-2024-019): CVSS: 7.5 Attack Vector: Network Attack Complexity: None Privileges Required: None
Drupal Security Update – 19 May 2024 Read More »
Tenable has released Nessus version “10.7.3” and Nessus Agent version “10.6.4” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privilege or execute arbitrary code and gain access on the affected system. Sample of the addressed vulnerabilities: 1. Tenable Nessus Code Execution vulnerability (CVE-2024-3290): CVSS: 8.2 Attack Vector: Local Attack
Tenable Security Updates – 19 May 2024 Read More »
Microsoft has released an updated Microsoft Edge and Extended Stable Channel (Version 124.0.2478.109) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of
Microsoft Edge Security Update – 19 May 2024 Read More »
Zoom has released security updates to fix several vulnerabilities in multiple products. addressed vulnerabilities could allow the attacker to conduct denial of service attacks, or gain elevated privileges to the affected system by sending a specially crafted request. The addressed vulnerabilities: 1. Zoom Workplace VDI App for Windows Privilege Escalation Vulnerability (CVE-2024-27244): CVSS: 6.7 Attack
Zoom Security Updates – 16 May 2024 Read More »
Adobe has released security updates to fix multiple vulnerabilities across Adobe Acrobat, and Adobe Reader products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, or execute arbitrary code, and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Adobe Acrobat and Adobe Reader Code Execution (CVE-2024-30284): CVSS: 7.8 Attack
Adobe Security Updates – 16 May 2024 Read More »
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, conduct cross-site scripting attacks, gain elevated privileges, or gain access to the affected product. Sample of the addressed vulnerabilities: 1. Cisco Crosswork Network Services Orchestrator Security Bypass (CVE-2024- 20326): CVSS: 7.8
Cisco Security Updates – 16 May 2024 Read More »
Google has released an updated Chrome version “125.0.6422.60/.61” for Windows and Mac, and version “125.0.6422.60” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Google Chrome Security Update – 16 May 2024 Read More »
Aruba has released security updates to fix multiple vulnerabilities affecting ArubaOS and InstantOS. The addressed vulnerabilities could allow the attacker to obtain sensitive information, perform denial of service attacks, manipulate data, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Aruba Instantos/Arubaos PAPI Buffer Overflow Vulnerability (CVE-2024-
Aruba Security Updates – 15 May 2024 Read More »
Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected products. Samples of the addressed vulnerabilities: 1. Intel Neural Compressor Software Privilege Escalation Vulnerability (CVE- 2023-39425): CVSS: 10 Attack Vector: Networt
Intel Security Updates – 15 May 2024 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, execute arbitrary code, and gain access to the affected products by sending specially crafted HTTP requests. Sample of the addressed vulnerabilities: 1. Fortinet FortiWebManager Code Execution Vulnerability (CVE-2024-3667):
Fortinet Security Updates – 15 May 2024 Read More »
Mozilla has released an updated Firefox version 126, and Firefox ESR version 115.11 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Mozilla
Mozilla FireFox Security Updates – 15 May 2024 Read More »
