SolarWinds has released a security update to address two vulnerabilities affecting SolarWinds platform 2024.4.1 and prior versions. The addressed vulnerabilities could allow the attacker to manipulate data and view, add, modify, or delete information in the back-end database, or perform cross-site scripting (XSS) attacks using a specially crafted URL to execute script in the victim’s […]
SolarWinds Security Update – 21 April 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel (Version 124.0.2478.51) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed
Microsoft Edge Security Update – 21 April 2024 Read More »
SolarWinds has released a security update to address a vulnerability affecting SolarWinds Serv-U 15.4.1.128 and prior versions. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system. SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28073): CVSS: 8.4 Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction:
SolarWinds Security Update – 18 April 2024 Read More »
Cisco has released security updates to fix multiple vulnerabilities across Cisco Integrated Management Controller (IMC) and Cisco IOS/IOS XE Software. The addressed vulnerabilities could allow the attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Cisco Integrated Management Controller (IMC) Software Command
Cisco Security Updates – 18 April 2024 Read More »
Oracle released its critical patch updates for April 2024, containing (441) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, performing denial of service attacks, bypassing security restrictions, and gaining access to the affected systems.
Oracle Security Patch Update – 17 April 2024 Read More »
Mozilla has released an updated Firefox version 125, and Firefox ESR version 115.10 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected products, perform denial of service attacks, bypass security restrictions, and obtain information by persuading the victim to visit a specially
Mozilla FireFox Security Updates – 17 April 2024 Read More »
Google has released an updated Chrome version “124.0.6367.60/.61” for Windows and Mac, and version “124.0.6367.60” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security, obtain information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Website. Sample of the addressed
Google Chrome Security Update – 17 April 2024 Read More »
Ivanti has released security updates to fix several vulnerabilities affecting all versions of Ivanti Avalanche before version 6.4.3. The addressed vulnerabilities could allow the remote attacker to conduct denial of service attacks, obtain sensitive information, or execute arbitrary codes or commands and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Ivanti
Ivanti Security Updates – 17 April 2024 Read More »
Microsoft has released an updated Microsoft Edge version 123.0.2420.97 to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge Code Execution Vulnerability (CVE-2024-3515): CVSS:
Microsoft Edge Security Update – 15 April 2024 Read More »
Juniper has released security updates to fix several vulnerabilities affecting multiple Juniper products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, manipulate files, conduct cross-site scripting attacks, perform denial of service attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Juniper Networks Paragon
Juniper Security Updates – 15 April 2024 Read More »
Google has released an updated Chrome version 123.0.6312.122/.123 for Windows, versions 123.0.6312.122/.123/.124 for Mac, and version 123.0.6312.122 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google
Google Chrome Security Update – 15 April 2024 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver AS Java User Management Engine, SAP BusinessObjects Web Intelligence, AP Asset Accounting, SAP Edge Integration Cell, SAP NetWeaver AS ABAP and ABAP Platform, AP Group
SAP April 2024 Security Patch Day Read More »
Progress has released security updates to address several vulnerabilities affecting multiple products. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary commands on the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: Progress Flowmon OS Command Execution Vulnerability (CVE-2024-2389): CVSS: 10.0 Attack Vector: Network
Progress Security Updates – 15 April 2024 Read More »
Palo Alto has released security updates to fix multiple vulnerabilities across several products. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, obtain information, elevate privileges, or perform denial-of-service attacks on the affected products. Sample of the addressed vulnerabilities: 1. Palo Alto OS Command Injection Vulnerability (CVE-2024-3400): CVSS: 10 Attack Vector: Network
Palo Alto Security Updates – 12 April 2024 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to execute arbitrary code, and gain access to the affected products by sending specially crafted requests. Sample of the addressed vulnerabilities: 1. FortiClient Linux Remote Code Execution Vulnerability (CVE-2023-45590): CVSS: 9.4 Attack Vector: Network Attack
Fortinet Security Updates – 10 April 2024 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. Microsoft has fixed (150) vulnerabilities, with (3) classified as critical as they could allow the attacker to execute arbitrary code, and gain access to the affected products. April’s Patch Tuesday was released to fix security flaws in several Microsoft products such as
Microsoft April 2024 Patch Tuesday Read More »
Apache has released a security update to address a vulnerability in multiple versions of Apache HTTP Server. The addressed vulnerability could allow the remote attacker to cause an out-ofmemory (OOM) crash and perform denial of service attacks on the affected system by sending a stream of continuation frames that will not be appended to the
Apache Security Update – 07 April 2024 Read More »
Microsoft has released an updated Microsoft Edge version 123.0.2420.81 and Extended Stable Channel (Version 122.0.2365.120) to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, conduct spoofing attacks, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website.
Microsoft Edge Security Update – 07 April 2024 Read More »
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform cross-site scripting attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco Nexus Dashboard and
Cisco Security Updates – 04 April 2024 Read More »
Ivanti has released security updates to fix several vulnerabilities across Ivanti Connect Secure and Policy Secure gateways. The addressed vulnerabilities could allow the remote attacker to conduct denial of service attacks, or execute arbitrary code and gain access to the affected systems by sending specially crafted requests. Sample of the addressed vulnerabilities: 1. Ivanti Connect
Ivanti Security Updates – 04 April 2024 Read More »
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
