Alerts

Microsoft has released an updated Microsoft Edge Stable Channel (121.0.2277.98) and Microsoft Edge Extended Stable Channel (120.0.2210.167) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: […]

Apple has released a security update to address a vulnerability across Macs running macOS Ventura. The addressed vulnerability could allow the local authenticated attacker with arbitrary read and write capability to bypass the pointer authentication security feature designed to block attacks trying to exploit memory corruption bugs and gain access to the affected systems by

Ivanti has released security updates to fix two vulnerabilities one of them is zeroday across multiple versions of Ivanti Connect Secure, Policy Secure, and ZTA gateways. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions, gain elevated privileges, and gain access to the affected systems. The addressed vulnerabilities: 1.

Google has released an updated Chrome version 121.0.6167.139/140 for Windows and 121.0.6167.139 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities: Google Chrome Code Execution

Juniper has released security updates to fix several vulnerabilities across multiple Juniper products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, bypass security restrictions, trigger cross-site scripting attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Juniper Networks Junos OS Cross-Site Scripting (CVE-2024-21620):

Mozilla has released an updated Firefox version 122, and Firefox ESR version 115.7 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, gain elevated privileges, bypass security restrictions, or execute arbitrary code and gain access to the affected products by persuading the victim to visit a

Google has released an updated Chrome version 121.0.6167.85/.86 for Windows and 121.0.6167.85 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1.

Splunk has released security updates to fix several vulnerabilities across multiple Splunk products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial of service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Splunk Enterprise Code Execution Vulnerability (CVE-2024-23678):

Apple has released security updates to address multiple vulnerabilities across macOS Monterey, Ventura, Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, and gain access to the affected systems by persuading the victimto visit a specially crafted website. Sample of the

Apache has released a security update to address a vulnerability in multiple versions of Apache Tomcat. The addressed vulnerability could allow the remote attacker to obtain sensitive information caused by the leaking of unrelated request bodies in the default error page by sending a specially crafted request to the affected system. Apache Tomcat Information Disclosure

MOVEit Transfer has released a security update to address a vulnerability in multiple versions of Progress MOVEit Transfer. The addressed vulnerability could allow the remote attacker to perform a denial of service attack on the affected system by sending a specially crafted request via a parameter in HTTPS transactions. Progress MOVEit Transfer Denial of Service

Microsoft has released an updated Microsoft Edge version 120.0.2210.144 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to openspecially crafted content. Sample of the addressed vulnerabilities:

Google has released an updated Chrome version 120.0.6099.234 for Mac, 120.0.6099.224 for Linux, and version 120.0.6099.224/225 for Windows. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code

Citrix has released security updates to address several vulnerabilities across multiple products. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, conduct cross-site scripting attacks, perform denial of service attacks, or gain access to the affected system. Sample of the addressed vulnerabilities: 1. Citrix NetScaler ADC and NetScaler Gateway Denial of Service