Alerts

F5 has released security updates to address several vulnerabilities in multiple F5 products. The addressed vulnerabilities could allow the authenticated remote attacker to perform denial of service attacks, manipulate data, view, add, modify, or delete information in the back-end database, obtain sensitive information, bypass security restrictions, execute arbitrary commands, and gain access to the affected […]

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected products. Samples of the addressed vulnerabilities: 1. Intel DSA Software Privilege Escalation Vulnerability (CVE-2023-39425): CVSS: 8.8 Attack Vector: Local Attack Complexity:

Microsoft has released an updated Microsoft Edge Stable Channel (121.0.2277.112) and Microsoft Edge Extended Stable Channel (120.0.2210.175) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code to gain access or cause a buffer overflow into the affected system by persuading the victim to visit a specially crafted website.

SonicWall has released security updates to fix several vulnerabilities across multiple SonicWall products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, execute arbitrary code, cause a buffer overflow, or gain access by sending a specially crafted request to the affected products. Sample of the addressed vulnerabilities: 1. SonicWall SonicOS Security Bypass Vulnerability

Veeam has released a security update to fix several vulnerabilities across multiple Veeam products. The addressed vulnerabilities could allow the remote authenticated attacker to obtain sensitive information, such as plans from other scopes, or obtain the service account’s NTLM hash and use this information to launch further attacks against the affected system. The addressed vulnerabilities:

Tenable has released a security update to fix several vulnerabilities in Nessus with stable version 10.7.0. The addressed vulnerabilities could allow the authenticated remote attacker to conduct cross-site scripting attacks, execute arbitrary scripts, scan DB content, manipulate data, and view, add, modify, or delete information on the affectedsystem. The addressed vulnerabilities: 1. Tenable Nessus SQL

VMware has released a security update to address several vulnerabilities in the VMware Aria Operations for Networks (formerly vRealize Network Insight). The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform cross-site scripting attacks on the affected system. Sample of the addressed vulnerabilities: 1. VMware Aria Operations for Networks

Google has released an updated Chrome version 121.0.6167.160/161 for Windows and 121.0.6167.160 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code to gain access or cause a buffer overflow into the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. Google

ManageEngine has released security updates to address several vulnerabilitiesacross multiple products such as ADAudit Plus and ADSelfService Plus. The addressed vulnerabilities could allow the remote attacker to manipulate data and view, add, modify, or delete information in the back-end database by sending a specially crafted SQL statement, or execute arbitrary code, and gain access to

Microsoft has released an updated Microsoft Edge Stable Channel (121.0.2277.98) and Microsoft Edge Extended Stable Channel (120.0.2210.167) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Apple has released a security update to address a vulnerability across Macs running macOS Ventura. The addressed vulnerability could allow the local authenticated attacker with arbitrary read and write capability to bypass the pointer authentication security feature designed to block attacks trying to exploit memory corruption bugs and gain access to the affected systems by

Ivanti has released security updates to fix two vulnerabilities one of them is zeroday across multiple versions of Ivanti Connect Secure, Policy Secure, and ZTA gateways. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions, gain elevated privileges, and gain access to the affected systems. The addressed vulnerabilities: 1.