Alerts

Microsoft has released an updated Microsoft Edge version 123.0.2420.81 and Extended Stable Channel (Version 122.0.2365.120) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, conduct spoofing attacks, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. […]

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform cross-site scripting attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco Nexus Dashboard and

Ivanti has released security updates to fix several vulnerabilities across Ivanti Connect Secure and Policy Secure gateways. The addressed vulnerabilities could allow the remote attacker to conduct denial of service attacks, or execute arbitrary code and gain access to the affected systems by sending specially crafted requests. Sample of the addressed vulnerabilities: 1. Ivanti Connect

Google has released an updated Chrome version 123.0.6312.105/.106/.107 for Windows and Mac and version 123.0.6312.105 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

VMware has released security updates to address several vulnerabilities in VMware SD-WAN Orchestrator and VMware SD-WAN Edge. The addressed vulnerabilities could allow the attacker to bypass security restrictions, conduct phishing attacks, obtain sensitive information, or execute arbitrary code on the affected products by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. VMware

Splunk has released security updates to fix several vulnerabilities across multiple Splunk products. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, or bypass security restrictions caused by the lack of protections for risky SPL commands and persuade the victim to initiate a request within their browser. The addressed vulnerabilities: 1. Splunk

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial of service attacks, bypass security restrictions, execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco IOS XE Software Denial of Service

Microsoft has released an updated Microsoft Edge version 123.0.2420.65 and Extended Stable Channel (Version 122.0.2365.113) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge

Google has released an updated Chrome version 123.0.6312.86/.87 for Windows and Mac and version 123.0.6312.86 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution

Microsoft has released an updated Microsoft Edge version 123.0.2420.53 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, conduct spoofing attacks, bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the

Mozilla has released an updated Firefox version 124, and Firefox ESR version 115.9 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform denial of service attacks, or execute arbitrary code, and gain access to the affected products by persuading the victim to visit a specially crafted website.

Google has released an updated Chrome version 123.0.6312.58/.59 for Windows and Mac and version 123.0.6312.58 for Linux. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of

Microsoft has released an updated Microsoft Edge version 122.0.2365.92 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, conduct spoofing attacks, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft

Cisco has released security updates to fix several vulnerabilities in multiple Cisco products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, execute denial of service attacks, bypass security restrictions, execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco IOS XR Software Privilege Escalation Vulnerability

Apache has released security updates to address two vulnerabilities affecting multiple versions of Apache Tomcat. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks by sending specially crafted WebSocket connections or HTTP/2 requests. Sample of the addressed vulnerabilities: Apache Tomcat Denial of Service Vulnerability (CVE-2024-23672): CVSS: 7.5 Attack Vector: Network