Alerts

Microsoft has released an updated Microsoft Edge stable version (116.0.1938.62) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to elevate the privilege or execute arbitrary code on the affected system. Sample of the addressed vulnerabilities: 1. Microsoft Edge Code Execution Vulnerability (CVE-2023-4427): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low Privileges

Cisco has released security updates to fix multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, read or overwrite files, or perform denial of service attacks on the affected products by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Cisco Firepower 4100 Series, Firepower 9300

Google has released an updated Chrome version (116.0.5845.110/.111) for Windows, and (116.0.5845.110) for Linux, and Mac to fix several vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google

Aruba has released security updates to fix several vulnerabilities in EdgeConnect SD-WAN Orchestrator. The addressed vulnerabilities could allow the remote attacker to gain access, obtain information, bypass security restrictions, or trigger cross-site scripting (XSS) attacks on the affected product. Sample of the addressed vulnerabilities: 1. HPE Aruba Networking EdgeConnect SD-WAN Orchestrator Cross-Site Scripting (CVE-2023-37423): CVSS:

McAfee has released a security update to fix a vulnerability in McAfee Safe Connect versions before 2.16.1.126. The addressed vulnerability could allow the attacker to gain privileges and access the device that running the vulnerable software, or other connected devices by using a specially crafted “.DLL” file. This flaw is caused by an uncontrolled search

RARLAB has released an updated WinRAR version to fix a vulnerability in versions before WinRAR 6.23. The addressed vulnerability could allow the remote attacker to execute arbitrary code on the affected system by persuading the victim to open a specially crafted RAR file. This flaw exists within the processing of recovery volumes, as the issue

Microsoft has released an updated Microsoft Edge stable version (116.0.1901.200) to fix multiple vulnerabilities in Microsoft Edge (Chromium-based). The addressed vulnerabilities could allow the remote attacker to obtain sensitive information or gain elevated privileges on the affected system. Sample of the addressed vulnerabilities: Microsoft Edge Privilege Escalation Vulnerability (CVE-2023-36787): CVSS: 8.8 Attack Vector: Network Attack

Juniper has released a security update to fix several vulnerabilities across multiple versions of the J-Web component of Juniper Networks Junos OS on SRX and EX Series. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions, and gain access to the affected versions by sending a specially crafted HTTP

Cisco has released security updates to fix multiple vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to gain access, obtain information, perform cross site scripting, or gain elevated privileges on the affected products. Sample of the addressed vulnerabilities: 1. Cisco Unified Communications Manager SQL Injection (CVE-2023-20211): CVSS: 8.1 Attack Vector: Network Attack

Aruba has released a security update to fix several vulnerabilities in HPE Aruba Networking Virtual Intranet Access (VIA) client for Microsoft Windows version 4.5.0 and below. The addressed vulnerabilities could allow the attacker to gain elevated privileges and execute arbitrary code with NT AUTHORITYSYSTEM privileges on the operating system, or perform a denial of service

Google has released an updated Chrome version (116.0.5845.96/.97) for Windows, and (116.0.5845.96) for Linux, and Mac to fix several vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the

Intel has released security updates to fix several vulnerabilities in multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, executing arbitrary code, causing a denial of service attack, or escalating the privileges on the affected products. Sample of the addressed vulnerabilities: 1-

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. The addressed vulnerabilities could allow the attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, perform denial of service attacks, and gain access to the affected products by persuading the victim to open a specially crafted document. Sample of

Write here description section (bold)Aruba has released a security update to fix a vulnerability in Aruba CX Switches. The addressed vulnerability could allow the remote authenticated attacker to execute arbitrary commands as a privileged user and fully compromise the underlying operating system on the device running AOS-CX. HPE Aruba Networking CX Switches Command Execution (CVE-2023