Alerts

Google has released an updated Chrome version 119.0.6045.123/.124 for Windows, and 119.0.6045.123 for Mac and Linux to fix a vulnerability. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2023-5996): […]

Tenable has released security updates to fix multiple vulnerabilities in several third-party components (curl, OpenSSL, zlib) affecting multiple tenable products. The addressed vulnerabilities could allow the attacker to execute arbitrary code, conduct denial of service attacks, bypass security restrictions, or gain elevated privileges to the affected system by loading a specially crafted file during installation

VMware has released a security update to address a vulnerability affecting several versions of VMware Workspace ONE UEM. The addressed vulnerability could allow the remote attacker to conduct phishing attacks by redirecting the victim to arbitrary websites to retrieve the SAML response to login as the victim user. VMware Workspace ONE UEM Open Redirect Vulnerability

Google has released an updated Chrome version (119.0.6045.105/.106) for Windows, and (119.0.6045.105) for Mac and Linux to fix several vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the

Microsoft has released an updated Microsoft Edge stable version (118.0.2088.76) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, conduct spoofing attacks, execute arbitrary code, and gain access to the affected system by persuading the victim to open a specially crafted Adobe PDF file. Sample of the addressed

VMware has released security updates to address vulnerabilities affecting VMware Tools version 12.x.x, 11.x.x, 10.3.x macOS and Windows. The addressed vulnerabilities could allow the attacker to gain elevated privileges on the affected systems. Sample of the addressed vulnerabilities: VMware Tools Privilege Escalation (CVE-2023-34057): CVSS: 7.8 Attack Vector: Local Attack Complexity: Low Privileges Required: Low User

Aruba has released a security update to address multiple vulnerabilities across ClearPass Policy Manager. The addressed vulnerabilities could allow the attacker to gain elevated privilege, manipulate data, conduct phishing attacks, execute arbitrary commands, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Aruba Networks ClearPass Policy Manager Privilege Escalation Vulnerability (CVE-2023-43506):

Aruba has released a security update to address multiple vulnerabilities across ClearPass Policy Manager. The addressed vulnerabilities could allow the attacker to gain elevated privilege, manipulate data, conduct phishing attacks, execute arbitrary commands, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Aruba Networks ClearPass Policy Manager Privilege Escalation Vulnerability (CVE-2023-43506):

Tenable has released a security update to fix multiple vulnerabilities in several third-party components (OpenSSL, curl, chosen, datatables) affecting Nessus Network Monitor (NNM) version 6.2.3 and earlier. The addressed vulnerabilities could allow the attacker to escalate privileges to NT AUTHORITYSYSTEM on Windows hosts, perform denial of service attacks, or perform blind SQL injection and manipulate

Apple has released security updates to address several vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, bypass security restrictions, perform denial of service attacks, obtain sensitive information, execute arbitrary code, and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Apple Safari Code Execution Vulnerability

Mozilla has released an updated Firefox version 119, and Firefox ESR version 115.4 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform a denial of service attack, bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a

Google has released an updated Chrome version (118.0.5993.117/.118) for Windows, and (118.0.5993.117) for Mac and Linux to fix a vulnerability. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2023-5472):

Cisco has released a security recommendation to address a high vulnerability in the web UI feature of Cisco IOS XE software when exposed to the internet or to untrusted networks. The addressed vulnerability could allow the remote unauthenticated attacker to create accounts on the affected system with privilege level 15 access. The attacker can then

VMware has released security updates to address vulnerabilities affecting Aria Operations, VMware Cloud Foundation, and VMware Fusion and Workstation. The addressed vulnerabilities could allow the attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or gain elevated privileges on the affected systems. Sample of the addressed vulnerabilities: 1. VMware Aria Operations for Logs

SolarWinds has released security updates to fix multiple vulnerabilities in the SolarWinds Access Rights Manager 2023.2 and prior versions. The addressed vulnerabilities could allow the attacker to gain elevated privileges, execute arbitrary code, and gain access to the affected systems by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. SolarWinds Access Rights