Alerts

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, execute arbitrary code, and gain access to the affected products by sending specially crafted HTTP requests. Sample of the addressed vulnerabilities: 1. Fortinet FortiWebManager Code Execution Vulnerability (CVE-2024-3667):

Mozilla has released an updated Firefox version 126, and Firefox ESR version 115.11 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Mozilla

Google has released an updated Chrome version “124.0.6367.207/.208” for Windows and Mac, and version “124.0.6367.207” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-4761): CVSS: 8.8 Attack

Apple has released security updates to address multiple vulnerabilities across macOS Ventura, macOS Monterey, macOS Sonoma, and Safari. he addressed vulnerabilities could allow a local attacker to gain elevated privileges, bypass security restrictions, obtain information, or gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Apple macOS Sonoma Privilege Escalation Vulnerability (CVE-2024-27796):

VMware has released a security update to address several vulnerabilities in VMware Avi Load Balancer. The addressed vulnerabilities could allow the remote authenticated attacker to obtain sensitive information, or gain elevated privileges to create, modify, execute, and delete files as a root user on the affected system by sending a specially crafted request. The addressed

Microsoft has released an updated Microsoft Edge and Extended Stable Channel (Version 124.0.2478.97) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code

Google has released an updated Chrome version “124.0.6367.201/.202” for Windows and Mac, and version “124.0.6367.201” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-4671): CVSS: 8.8 Attack

F5 has released security updates to address several vulnerabilities in multiple F5 products. The addressed vulnerabilities could allow the authenticated remote attacker to perform denial of service attacks, conduct cross-site scripting attacks, manipulate data, view, add, modify, or delete information in the back-end database, obtain sensitive information, or bypass security restrictions on the affected system

Google has released an updated Chrome version “124.0.6367.155/.156” for Windows and Mac, and version “124.0.6367.155” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.80) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge Code Execution Vulnerability (CVE-2024-4331):

Cisco has released security updates to fix several vulnerabilities in Cisco IP Phone firmware. The addressed vulnerabilities could allow the unauthenticated, remote attacker to perform denial of service attacks, gain unauthorized access, or obtain sensitive information from the affected system. Sample of the addressed vulnerabilities: 1. Cisco IP Phone Denial of Service Vulnerability (CVE-2024-20376): CVSS:

Google has released an updated Chrome version “124.0.6367.118/.119” for Windows and Mac, and version “124.0.6367.118” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. Google Chrome Code Execution Vulnerability

SonicWall has released a security update to fix two vulnerabilities affecting SonicWall GMS (Virtual Appliance, Windows) – 9.3.4 and earlier versions. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or obtain sensitive information from the affected product. The addressed vulnerabilities: 1. GMS ECM Hard-Coded Credential Authentication Bypass Vulnerability (CVE- 2024-29011): CVSS: