Alerts

Microsoft has released an updated Microsoft Edge version 122.0.2365.80 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities: 1. Microsoft Edge […]

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, conduct cross-site scripting attacks, gain elevated privileges, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco Secure Client Carriage Return Line Feed

Aruba has released a security update to fix multiple vulnerabilities affecting HPE Aruba OS. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform denial of service attacks, or execute arbitrary commands and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Authenticated Remote Command Execution in the ArubaOS

Google has released an updated Chrome version 122.0.6261.111/.112 for Windows and Mac and 122.0.6261.111 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities:

SolarWinds has released a security update to address a vulnerability affectingSolarWinds SEM 2023.4 and prior ersions. The addressed vulnerability could allow the attacker to execute arbitrary code and gain access to the affected system. SolarWinds Security Event Manager Remote Code Execution Vulnerability (CVE-2024-0692): CVSS: 8.8 Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None

Aruba has released a security update to fix multiple vulnerabilities affecting HPE Aruba ClearPass Policy Manager. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform cross-site scripting, or execute arbitrary commands and gain access to the affected product. Sample of the addressed vulnerabilities: 1. HPE Aruba ClearPass Policy Manager Command Execution

Microsoft has released an updated Microsoft Edge version 122.0.2365.63 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Code Execution (CVE-2024-1938): CVSS: 8.8

Google has released an updated Chrome version 122.0.6261.94/.95 for Windows and 122.0.6261.94 for Mac and Linux to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google

Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions by sending a specially crafted request, or cluster configuration CLI requests, or perform denial of service attacks by sending crafted IPv6 packets, high number of TCP packets, crafted LLDP packets, or

Microsoft has released an updated Microsoft Edge Stable Channel (122.0.2365.52) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Code Execution (CVE-2024-1669): CVSS: 8.8 Attack

Atlassian has released security updates to address several vulnerabilities across multiple Atlassian products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, trigger cross-site scripting attacks, perform denial of services attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Atlassian Confluence Data Center and

Google has released an updated Chrome version 122.0.6261.57/.58 for Windows and 122.0.6261.57 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to bypass securityrestrictions, or execute arbitrary code and gain access to the affected system by pesuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google

Mozilla has released an updated Firefox version 123, and Firefox ESR version 115.8 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to conduct spoofing attacks, cause DNS cache poisoning, perform denial of service attacks, bypass security restrictions, or execute arbitrary code, and gain access to the affected systems by persuading the

Tenable has released a security update to fix multiple vulnerabilities in Tenable Security Center 6.2.1 with Patch SC-202312.1, and earlier. The addressed vulnerabilities could allow the authenticated remote attacker to perform HTML redirection attacks or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: Tenable Security Center Command Injection

Palo Alto has released security updates to address several vulnerabilities affecting multiple PAN-OS versions. The addressed vulnerabilities could allow the attacker to perform cross-site scripting (XSS) attacks, bypass security restrictions, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the