Google has released an updated Chrome version 121.0.6167.160/161 for Windows and 121.0.6167.160 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code to gain access or cause a buffer overflow into the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. Google […]
Google Chrome Security Update – 07 February 2024 Read More »
ManageEngine has released security updates to address several vulnerabilitiesacross multiple products such as ADAudit Plus and ADSelfService Plus. The addressed vulnerabilities could allow the remote attacker to manipulate data and view, add, modify, or delete information in the back-end database by sending a specially crafted SQL statement, or execute arbitrary code, and gain access to
ManageEngine Security Updates – 06 February 2024 Read More »
Juniper has released security updates to fix multiple vulnerabilities affecting Juniper Secure Analytics (JSA) Applications. The addressed vulnerabilities could allow the attacker to obtain sensitive information, manipulate files, trigger cross-site scripting, perform denial of service attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: Juniper Netlib LAPACK
Juniper Security Updates – 04 February 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel (121.0.2277.98) and Microsoft Edge Extended Stable Channel (120.0.2210.167) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:
Microsoft Edge Security Update – 04 February 2024 Read More »
Apple has released a security update to address a vulnerability across Macs running macOS Ventura. The addressed vulnerability could allow the local authenticated attacker with arbitrary read and write capability to bypass the pointer authentication security feature designed to block attacks trying to exploit memory corruption bugs and gain access to the affected systems by
Apple Security Update – 01 February 2024 Read More »
Ivanti has released security updates to fix two vulnerabilities one of them is zeroday across multiple versions of Ivanti Connect Secure, Policy Secure, and ZTA gateways. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions, gain elevated privileges, and gain access to the affected systems. The addressed vulnerabilities: 1.
Ivanti Security Updates – 31 January 2024 Read More »
Google has released an updated Chrome version 121.0.6167.139/140 for Windows and 121.0.6167.139 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted Web site. Sample of the addressed vulnerabilities: Google Chrome Code Execution
Google Chrome Security Update – 31 January 2024 Read More »
Symantec has published several critical vulnerabilities in end-of-life versions across multiple products. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code or cause a buffer overflow and gain access to the affected products by sending specially crafted requests or persuading the victim to open a crafted document. Sample of the addressed vulnerabilities:
Symantec Security Vulnerabilities – 30 January 2024 Read More »
Juniper has released security updates to fix several vulnerabilities across multiple Juniper products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, bypass security restrictions, trigger cross-site scripting attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Juniper Networks Junos OS Cross-Site Scripting (CVE-2024-21620):
Juniper Security Updates 28 – January 2024 Read More »
Microsoft has released an updated Microsoft Edge Stable Channel (121.0.2277.83) and Microsoft Edge Extended Stable Channel (120.0.2210.160) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privilege, bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to open a malicious file. Sample
Microsoft Edge Security Update – 28 January 2024 Read More »
Cisco has released security updates to fix several vulnerabilities across multiple Cisco products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, trigger cross-site scripting attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco Unified Communications Products Remote Code Execution
Cisco Security Updates – 25 January 2024 Read More »
Mozilla has released an updated Firefox version 122, and Firefox ESR version 115.7 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, gain elevated privileges, bypass security restrictions, or execute arbitrary code and gain access to the affected products by persuading the victim to visit a
Mozilla Firefox Security Update – 24 January 2024 Read More »
Fortra has released a security update to address a critical vulnerability in multiple versions of Fortra GoAnywhere MFT (Managed File Transfer). The addressed vulnerability could allow the unauthorized remote attacker to create admin users via the administration portal which could lead to a complete device takeover, access sensitive data, introduce malware, and potentially enable further
Fortra Security Update – 24 January 2024 Read More »
Google has released an updated Chrome version 121.0.6167.85/.86 for Windows and 121.0.6167.85 for Mac and Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1.
Google Chrome Security Update – 24 January 2024 Read More »
Splunk has released security updates to fix several vulnerabilities across multiple Splunk products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial of service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Splunk Enterprise Code Execution Vulnerability (CVE-2024-23678):
Splunk Security Updates – 23 January 2024 Read More »
Apple has released security updates to address multiple vulnerabilities across macOS Monterey, Ventura, Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, and gain access to the affected systems by persuading the victimto visit a specially crafted website. Sample of the
Apple Security Updates – 23 January 2024 Read More »
Atlassian has released a security update to address a critical vulnerability in Atlassian Confluence Data Center and Server out-of-date versions (8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3). The addressed vulnerability is described as a template injection weakness that could allow the unauthenticated remote attacker to execute arbitrary code and gain access to the affected system. Atlassian
Atlassian Security Update – 22 January 2024 Read More »
Apache has released a security update to address a vulnerability in multiple versions of Apache Tomcat. The addressed vulnerability could allow the remote attacker to obtain sensitive information caused by the leaking of unrelated request bodies in the default error page by sending a specially crafted request to the affected system. Apache Tomcat Information Disclosure
Apache Security Update – 21 January 2024 Read More »
MOVEit Transfer has released a security update to address a vulnerability in multiple versions of Progress MOVEit Transfer. The addressed vulnerability could allow the remote attacker to perform a denial of service attack on the affected system by sending a specially crafted request via a parameter in HTTPS transactions. Progress MOVEit Transfer Denial of Service
MOVEit Transfer Security Update – 18 January 2024 Read More »
Oracle released its critical patch update for January 2024, containing (389) new security patches for multiple affected products in Oracle code and third-party components included in Oracle products. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, performing denial of service attacks, bypassing security restrictions, executing arbitrary code, and
Oracle Security Patch Update – 18 January 2024 Read More »
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
