Alerts

Palo Alto has released security updates to address multiple vulnerabilities affecting GlobalProtect App and PAN-OS. The addressed vulnerabilities could allow the attacker to gain elevated privileges to the affected products. Sample of the addressed vulnerabilities: GlobalProtect App: Local User Can Disable GlobalProtect (CVE-2024-2431): CVSS: 5.7 Attack Vector: Local Attack Complexity: Low Privileges Required: Low User […]

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected products. Samples of the addressed vulnerabilities: 1. 4th Generation Intel Xeon Processors using Intel SGX or Intel TDX Privilege Escalation Vulnerability

Zoom has released security updates to fix two vulnerabilities across Zoom Rooms Client for Windows before version 5.17.5. The addressed vulnerabilities could allow the local authenticated attacker to trigger denial of service attacks on the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: Zoom Rooms Client for Windows Denial of

Google has released an updated Chrome version 122.0.6261.128/.129 for Windows and Mac and 122.0.6261.128 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-2400): CVSS: 8.8 Attack Vector:

Apple has released security updates to address several vulnerabilities across Safari, macOS Ventura, macOS Monterey, and macOS Sonoma. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, perform denial of service attacks, gain elevated privileges, or execute arbitrary code and gain access to the affected systems. Sample of the addressed

Microsoft has released an updated Microsoft Edge version 122.0.2365.80 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities: 1. Microsoft Edge

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, conduct cross-site scripting attacks, gain elevated privileges, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco Secure Client Carriage Return Line Feed

Aruba has released a security update to fix multiple vulnerabilities affecting HPE Aruba OS. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform denial of service attacks, or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Authenticated Remote Command Execution in the ArubaOS

Google has released an updated Chrome version 122.0.6261.111/.112 for Windows and Mac and 122.0.6261.111 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities:

SolarWinds has released a security update to address a vulnerability affectingSolarWinds SEM 2023.4 and prior ersions. The addressed vulnerability could allow the attacker to execute arbitrary code and gain access to the affected system. SolarWinds Security Event Manager Remote Code Execution Vulnerability (CVE-2024-0692): CVSS: 8.8 Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None

Aruba has released a security update to fix multiple vulnerabilities affecting HPE Aruba ClearPass Policy Manager. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform cross-site scripting, or execute arbitrary commands and gain access to the affected product. Sample of the addressed vulnerabilities: 1. HPE Aruba ClearPass Policy Manager Command Execution

Microsoft has released an updated Microsoft Edge version 122.0.2365.63 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution (CVE-2024-1938): CVSS: 8.8

Google has released an updated Chrome version 122.0.6261.94/.95 for Windows and 122.0.6261.94 for Mac and Linux to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions by sending a specially crafted request, or cluster configuration CLI requests, or perform denial of service attacks by sending crafted IPv6 packets, high number of TCP packets, crafted LLDP packets, or

Microsoft has released an updated Microsoft Edge Stable Channel (122.0.2365.52) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Code Execution (CVE-2024-1669): CVSS: 8.8 Attack