Veeam has released a security update to fix multiple vulnerabilities across Veeam Backup & Replication systems and Veeam Agent for Microsoft Windows. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: Veeam Backup Arbitrary Code Execution Vulnerability (CVE-2025-23121): CVSS: 9.9 […]
Veeam Security Update – 18 June 2025 Read More »
Google has released an updated Chrome version 137.0.7151.103/.104 for Windows, Mac and 137.0.7151.103 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code by persuading the victim to visit a specially crafted website and gain access to the affected system. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2025-5958):
Google Chrome Security Update – 11 June 2025 Read More »
SolarWinds has released security updates to address several vulnerabilities affecting multiple SolarWinds products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, conduct cross-site scripting attacks, or gain elevated privileges to the affected product. 1. SolarWinds DameWare Mini Remote Control Service Incorrect Permissions Privilege Escalation Vulnerability (CVE-2025-26396): CVSS: 7.8 Attack Vector: Local Attack
SolarWinds Security Updates – 11 June 2025 Read More »
Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, perform path traversal, perform denial of service attacks, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. HPE Aruba Networking Private 5G
Aruba Security Updates – 11 June 2025 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, conduct server-side request forgery attacks, bypass security restrictions, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Multiple OS Command
Fortinet Security Updates – 11 June 2025 Read More »
Mozilla has released an updated version of Firefox, 139.0.4 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to conduct denial of service attacks or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: Mozilla Firefox Code Execution Vulnerability (CVE-2025-49709): CVSS: 8.8 Attack Vector: Network Attack
Mozilla Firefox Security Updates – 11 June 2025 Read More »
Ivanti has released security updates to fix multiple vulnerabilities across Ivanti Workspace Control (IWC) version 10.19.0.0 and prior. The addressed vulnerabilities could allow the attacker to obtain sensitive information by decrypting stored SQL information and environment passwords on the affected system. Sample of the addressed vulnerabilities: Ivanti Workspace Control Information Disclosure Vulnerability (CVE-2025-5353): CVSS: 8.8
Ivanti Security Updates – 11 June 2025 Read More »
Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass security restrictions, gain elevated privileges, conduct denial-of-service attacks, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Adobe Commerce Cross-site Scripting
Adobe Security Updates – 11 June 2025 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed two zero-day vulnerabilities. Microsoft has fixed (70) vulnerabilities, with (10) classified as critical, as they could allow the attacker to gain elevated privileges, or execute arbitrary code and gain access to the affected systems. June’s Patch Tuesday was
Microsoft June 2025 Patch Tuesday Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass security restrictions, obtain sensitive information, manipulate data, gain elevated privileges, conduct denial of service attacks, or execute arbitrary code and gain access to the affected systems. Sample of addressed
Cisco Security Updates – 10 June 2025 Read More »
Trend Micro has released security updates to address several vulnerabilities Affecting Trend Micro Apex One 2019 (On-prem), and Apex One as a Service. The addressed vulnerabilities could allow the attacker to gain elevated privileges, manipulate data, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Trend Micro
Trend Micro Security Updates – 10 June 2025 Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a critical patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver, SAP S/4 HANA, SAP GRC, SAP Business Warehouse, SAP Plug-In Basis, SAP BusinessObjects Business Intelligence, SAP MDM Server, SAP Business One Integration Framework and
SAP Security Updates – 10 June 2025 Read More »
Splunk has released security updates to fix two vulnerabilities affecting Splunk Enterprise, Splunk Cloud Platform, and Splunk Universal Forwarder for Windows. The addressed vulnerabilities could allow the remote attacker to conduct crosssite scripting attacks or gain access to the affected product. The addressed vulnerabilities: 1. Incorrect Permission Assignment on Splunk Universal Forwarder for Windows Vulnerability
Splunk Security Updates – 04 June 2025 Read More »
Google has released an updated Chrome version 137.0.7151.68/.69 for Windows, Mac, and 137.0.7151.68 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by exploiting heap corruption via a crafted HTML page. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2025- 5419):
Google Chrome Security Update – 04 June 2025 Read More »
Aruba has released a security update to fix several vulnerabilities affecting HPE Aruba StoreOnce Software. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform server-side request forgery attacks, manipulate data, bypass security restrictions, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. HPE
Aruba Security Update – 04 June 2025 Read More »
Apache has released security updates to address several vulnerabilities affecting multiple Apache Tomcat versions. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks or bypass security restrictions on the affected systems. Sample of the addressed vulnerabilities: Apache Tomcat CGI Security Constraint Security Bypass Vulnerability (CVE-2025- 46701): CVSS: 7.3 Attack Vector:
Apache Tomcat Security Updates – 01 June 2025 Read More »
Citrix has released security updates to address multiple vulnerabilities affecting Citrix XenServer and Citrix Hypervisor. The addressed vulnerabilities could allow the local attacker to gain elevated privileges by exposing various facilities to userspace by the XenBus, XenCons, and XenIface drivers. Sample of the addressed vulnerabilities: XenServer and Citrix Hypervisor Privilege Escalation Vulnerability (CVE-2025- 27462): CVSS:
Citrix Security Updates – 28 May 2025 Read More »
Mozilla has released an updated Firefox version 139, Firefox ESR versions 128.11 and 115.24 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to obtain sensitive information or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Mozilla Firefox Unencrypted SNI Information Disclosure Vulnerability (CVE-2025-5270): CVSS:
Mozilla Firefox Security Updates – 28 May 2025 Read More »
Google has released an updated Chrome version 137.0.7151.55/56 for Windows and Mac, and version 137.0.7151.55 for Linux. The addressed vulnerabilities could allow the attacker to bypass security restrictions, or execute arbitrary code by persuading the victim to visit a specially crafted website and gain access to the affected system. Sample of the addressed vulnerabilities: 1.
Google Chrome Security Update – 28 May 2025 Read More »
Grafana has released security updates to address several vulnerabilities affecting Grafana OSS and Grafana Enterprise. The addressed vulnerabilities could allow the remote attacker to gain elevated privileges, conduct cross-site scripting attacks, or delete the server administrator account. Sample of the addressed vulnerabilities: Grafana Cross-Site-Scripting (XSS) via Custom Loaded Frontend Plugin Vulnerability (CVE-2025-4123): CVSS: 7.6 Attack
Grafana Security Update – 25 May 2025 Read More »
