Alerts

Microsoft has released an updated Microsoft Edge and Extended Stable Channel (Version 124.0.2478.97) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code […]

Google has released an updated Chrome version “124.0.6367.201/.202” for Windows and Mac, and version “124.0.6367.201” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-4671): CVSS: 8.8 Attack

F5 has released security updates to address several vulnerabilities in multiple F5 products. The addressed vulnerabilities could allow the authenticated remote attacker to perform denial of service attacks, conduct cross-site scripting attacks, manipulate data, view, add, modify, or delete information in the back-end database, obtain sensitive information, or bypass security restrictions on the affected system

Google has released an updated Chrome version “124.0.6367.155/.156” for Windows and Mac, and version “124.0.6367.155” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.80) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge Code Execution Vulnerability (CVE-2024-4331):

Cisco has released security updates to fix several vulnerabilities in Cisco IP Phone firmware. The addressed vulnerabilities could allow the unauthenticated, remote attacker to perform denial of service attacks, gain unauthorized access, or obtain sensitive information from the affected system. Sample of the addressed vulnerabilities: 1. Cisco IP Phone Denial of Service Vulnerability (CVE-2024-20376): CVSS:

Google has released an updated Chrome version “124.0.6367.118/.119” for Windows and Mac, and version “124.0.6367.118” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. Google Chrome Code Execution Vulnerability

SonicWall has released a security update to fix two vulnerabilities affecting SonicWall GMS (Virtual Appliance, Windows) – 9.3.4 and earlier versions. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or obtain sensitive information from the affected product. The addressed vulnerabilities: 1. GMS ECM Hard-Coded Credential Authentication Bypass Vulnerability (CVE- 2024-29011): CVSS:

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.67) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution Vulnerability

Cisco has released security updates to fix several vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software. The addressed vulnerabilities could allow the attacker to conduct denial of service attacks, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco ASA and

SolarWinds has released a security update to address two vulnerabilities affecting SolarWinds platform 2024.4.1 and prior versions. The addressed vulnerabilities could allow the attacker to manipulate data and view, add, modify, or delete information in the back-end database, or perform cross-site scripting (XSS) attacks using a specially crafted URL to execute script in the victim’s

Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.51) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed

SolarWinds has released a security update to address a vulnerability affecting SolarWinds Serv-U 15.4.1.128 and prior versions. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system. SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28073): CVSS: 8.4 Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction:

Cisco has released security updates to fix multiple vulnerabilities across Cisco Integrated Management Controller (IMC) and Cisco IOS/IOS XE Software. The addressed vulnerabilities could allow the attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Cisco Integrated Management Controller (IMC) Software Command

Mozilla has released an updated Firefox version 125, and Firefox ESR version 115.10 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected products, perform denial of service attacks, bypass security restrictions, and obtain information by persuading the victim to visit a specially