Google has released an updated Chrome version 138.0.7204.157/.158 forn Windows, Mac, and 138.0.7204.157 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions via a crafted HTML page, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of […]
Google Chrome Security Update – 16 July 2025 Read More »
VMware has released security updates to fix several vulnerabilities across multiple VMware products. The addressed vulnerabilities could allow the local attacker with administrative privileges to obtain sensitive information, or execute arbitrary code and gain access to the affected product. 1. VMware ESXi, Workstation, and Fusion Integer Overflow Vulnerability (CVE-2025-41236): CVSS: 9.3 Attack Vector: Local Attack
VMware Security Updates – 16 Jul 2025 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, gain elevated privileges, execute arbitrary commands, and gain access to the affected system. Sample of addressed vulnerabilities: 1. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309): CVSS: 10 Attack
Cisco Security Updates – 15 July 2025 Read More »
Apache has released security updates to address several vulnerabilities affecting multiple Apache Tomcat versions. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, or gain access to the affected system by using icacls.exe without specifying a full path. Sample of the addressed vulnerabilities: 1. Apache Tomcat Side-loading via
Apache Tomcat Security Updates – 14 July 2025 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. FortiWeb Unauthenticated SQL Injection in GUI Vulnerability (CVE-2025-25257): CVSS: 9.6 Attack
Fortinet Security Updates – 10 July 2025 Read More »
Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform server-side request forgery attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. HPE Networking Instant on Access Points Hardcoded Credential
Aruba Security Updates – 10 July 2025 Read More »
Zoom has released a security update to fix multiple vulnerabilities in Zoom Client for Windows, macOS, and Linux. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks or obtain sensitive information from the affected system. Sample of the addressed vulnerabilities: 1. Zoom Workplace for Linux Improper Certificate Validation Vulnerability (CVE-2025-46788):
Zoom Security Update – 09 July 2025 Read More »
Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, conduct denial-of-service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Adobe Experience Manager (AEM) Forms
Adobe Security Updates – 09 July 2025 Read More »
Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the attacker to trigger denial of service attacks, perform server-side request forgery attacks, conduct carriage return line feed injection attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the
Ivanti Security Updates – 09 July 2025 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one zero-day vulnerability. Microsoft has fixed (130) vulnerabilities, with one classified as critical, as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code
Microsoft July 2025 Patch Tuesday Read More »
Grafana has released security updates to address multiple vulnerabilities affecting Grafana. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or perform denial of service attacks on the affected product. Sample of the addressed vulnerabilities: 1. Authorization Vulnerability In /apis Allows Authenticated Bypass for All Dashboard Permissions (CVE-2025-3260): CVSS:
Grafana Security Updates – 08 July 2025 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP Supplier Relationship Management, SAP NetWeaver, SAP S/4HANA and SAP SCM, SAP GRC, SAP Business Warehouse, SAP Business Objects Business Intelligence Platform, SAP MDM Server, SAP Business
SAP Security Updates – 08 July 2025 Read More »
Microsoft has released an updated Microsoft Edge stable channel version “138.0.3351.65” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Microsoft Edge Security Update – 02 July 2025 Read More »
Google has released an updated Chrome version 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac, and 138.0.7204.96 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by sending a crafted HTML. Google Chrome Code Execution Vulnerability (CVE-2025-6554): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low
Google Chrome Security Update – 01 July 2025 Read More »
Google has released an updated Chrome version 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac, and 138.0.7204.96 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by sending a crafted HTML. Google Chrome Code Execution Vulnerability (CVE-2025-6554): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low
Google Chrome Security Update – 01 July 2025 Read More »
Citrix has released a security update to address a vulnerability affecting Citrix NetScaler ADC and Citrix NetScaler Gateway. The addressed vulnerability could allow the remote attacker to cause a memory overflow, leading to unintended control flow and a denial of service attack. Improper Restriction of Operations Within The Bounds of a Memory Buffer Vulnerability (CVE-2025-6543):
Citrix Security Update – 29 June 2025 Read More »
Google has released an updated Chrome version 138.0.7204.49 for Linux, and versions 138.0.7204.49/50 for Windows and Mac. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and cause memory corruption on the affected devices. Sample of the addressed vulnerabilities: Google Chrome Use After Free in Animation Vulnerability (CVE-2025-6555): CVSS:
Google Chrome Security Update – 25 June 2025 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the remote attacker to conduct denial of service attacks by sending a sequence of crafted HTTPS requests or submitting a crafted file containing UDF content to be scanned by ClamAV on the affected systems. Sample of addressed
Cisco Security Updates – 22 June 2025 Read More »
Citrix has released security updates to address multiple vulnerabilities affecting Citrix Secure Access Client for Windows, Citrix Workspace app for Windows, NetScaler ADC, and NetScaler Gateway. The addressed vulnerabilities could allow the attacker to bypass access controls, obtain sensitive information, or gain elevated privileges on the affected product. Sample of the addressed vulnerabilities: 1. NetScaler
Citrix Security Updates – 19 June 2025 Read More »
Google has released an updated Chrome version 137.0.7151.119/.120 for Windows, Mac and 137.0.7151.119 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code by persuading the victim to visit a specially crafted website and gain access to the affected system. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2025-6192):
Google Chrome Security Update – 18 June 2025 Read More »
