Alerts

Intel has released security updates to fix several vulnerabilities in multiple products. The addressed vulnerabilities could allow the remote attacker to perform various attacks such as obtaining sensitive information, bypassing security restrictions, executing arbitrary code, causing a denial of service attack, or escalating the privileges on the affected products. Sample of the addressed vulnerabilities: 1- […]

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. The addressed vulnerabilities could allow the attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, perform denial of service attacks, and gain access to the affected products by persuading the victim to open a specially crafted document. Sample of

Write here description section (bold)Aruba has released a security update to fix a vulnerability in Aruba CX Switches. The addressed vulnerability could allow the remote authenticated attacker to execute arbitrary commands as a privileged user and fully compromise the underlying operating system on the device running AOS-CX. HPE Aruba Networking CX Switches Command Execution (CVE-2023

Cisco has released security updates to fix multiple vulnerabilities in Cisco Secure Web Appliance and Cisco BroadWorks. The addressed vulnerabilities could allow the remote attacker to bypass security nrestrictions or perform cross-site scripting on the affected products. The addressed vulnerabilities: 1- Cisco AsyncOS Software for Cisco Secure Web Appliance Security Bypass (CVE-2023-20215): CVSS: 5.8 Attack

F5 has released security updates to fix several vulnerabilities across multiple F5 products such as (BIG-IP, BIG-IP APM, F5OS-A, BIG-IQ Centralized Management). The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform a cross-site scripting attack, obtain sensitive information, or gain elevated privileges by sending a specially crafted request to the affected systems.

Google has released an updated Chrome version (115.0.5790.170/.171) for Windows, and (115.0.5790.170) for Linux, and Mac to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerability: Google

Mozilla has released an updated Firefox version 116, and Firefox ESR versions 102.14, 115.1 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to gain access, obtain sensitive information, perform a denial of service attack, bypass security restrictions, gain elevated privileges, or execute arbitrary code on the affected system by persuading the

Ivanti has released security updates to address vulnerabilities in Ivanti desktop and server management 2022.2 SU2 and all prior versions and Ivanti endpoint manager versions 11.10,11.9, 11.8, or older. The addressed vulnerabilities could allow the attacker to perform arbitrary file write to the EPMM server and can be used in conjunction with “CVE-2023-35078” to bypass

VMware has released security updates to fix multiple vulnerabilities in VMware SD-Wan and Tanzu Application Service. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, caused by improper authentication in SD-Wan and logging credentials in hex encoding in platform system audit logs in VMware Tanzu Application. Sample of the addressed vulnerabilities: VMware

Apple has released security updates to address several vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to execute arbitrary code, perform denial of service attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, or gain access to the affected systems by persuading the victim to visit a specially crafted website. Sample

OpenSSH released a security update to fix a vulnerability affecting all versions of OpenSSH before 9.3p2. The addressed vulnerability could allow the remote attacker to execute arbitrary code on the affected system by sending specially crafted requests. OpenSSH Code Execution Vulnerability (CVE-2023-38408): CVSS: 8.1 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction:

Atlassian has released security updates to address several vulnerabilities in Atlassian Confluence and Atlassian Bamboo. The severity of the addressed vulnerabilities could allow the remote attacker to gain access, and execute arbitrary code on the affected systems. Sample of the addressed vulnerabilities: Atlassian Confluence Data Center and Atlassian Confluence Server Code Execution Vulnerability (CVE-2023-22508): CVSS:

Microsoft has released an updated Edge version (115.0.1901.183) and extended stable version (114.0.1823.90) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain privileges or trigger spoofing attack by persuading the victim to open specially crafted file or request. Sample of the addressed vulnerabilities: Microsoft Edge (Chromium-based) Privilege Escalation (CVE-2023-38187): CVSS: 7.5