Alerts

Google has released an updated Chrome version 106.0.5249.119 for Windows, Mac, and Linux to fix multiple vulnerabilities. The remote attacker could exploit some of these vulnerabilities to take control of the affected system or cause a denial of service. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code or

VMware has released a security advisory to address several vulnerabilities which affect multiple VMware products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system.  The addressed vulnerabilities could allow the attackers to perform several attacks, like executing arbitrary code on the underlying operating system that hosts the vCenter

Cisco has released security updates to address several vulnerabilities in multiple Cisco products The severity of the addressed vulnerabilities could allow the attacker to fully compromise the Cisco NFVIS system and cause a denial of service. Samples of the addressed vulnerabilities: 1. Cisco Enterprise NFV Infrastructure Software (NFVIS) code execution (CVE 2022-20929): • CVSS: 7.8 •

Microsoft has released an updated version of Microsoft Edge (Version 106.0.1370.34) to fix a vulnerability in Microsoft Edge. The remote attacker could exploit this vulnerability to take control of the affected system. The severity of the addressed vulnerability could allow the remote attacker to exploit this vulnerability by persuading a victim to visit a specially crafted Web

The Twig third-party library for content templating and sanitization has released a security update that affects Drupal versions (8.0.0 to 9.3.22, 9.4.0 to 9.4.7). The severity of the addressed vulnerability could allow an untrusted user to access private files, the contents of other files on the server, or database credentials.The remote attacker could exploit this vulnerability

Google has released an updated Chrome version (106.0.5249.91) for Windows, Mac, and Linux to fix multiple vulnerabilities. The remote attacker could exploit these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code on the affected system by persuading the victim to

Redhat, Ubuntu, SUSE, and Debian released security updates to address multiple vulnerabilities. The attacker could exploit some of these vulnerabilities to take control of the affected system. The most severe vulnerability in the Linux kernel could allow the attacker to execute arbitrary code on the system caused by sending a specially-crafted request. Sample of the

SolarWinds has released security updates to address multiple vulnerabilities in SolarWinds Orion Platform “2022.2 and earlier”, and Hybrid Cloud Observability NCM “2020.2.5 and previous versions”. The addressed vulnerabilities could be exploited to allow the remote attacker to perform SQL injection or stored and DOM-based cross-site scripting attacks. Sample of the addressed vulnerabilities: 1. SQL Injection

Google has released an updated Chrome version (106.0.5249.61/62) for Windows and (106.0.5249.61) for Mac and Linux to fix multiple vulnerabilities. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code, bypass security restrictions by

Trend Micro has released a new service pack for Apex One product that resolves multiple vulnerabilities in the product.  The addressed vulnerabilities could allow the remote attacker to perform several attacks, like bypassing security restrictions, elevating privileges, and causing a denial of service on the affected system. Sample of addressed vulnerabilities :  1 -Trend Micro

Zoom has released security updates to fix vulnerabilities in Zoom On-Premise Meeting Connector (MMR) products. The remote attacker could exploit these vulnerabilities to obtain information from the affected system. The severity of the addressed vulnerabilities could allow the remote attacker to obtain sensitive information, caused by improper access control and use this information to launch

SAP has released security updates to address several vulnerabilities affecting multiple products. In addition, SAP also announced (5) updates to the previously released patch day security note. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP Business One, SAP BusinessObjects Business Intelligence Platform, SAP Access Control, SAP NetWeaver Enterprise Portal (KMC),

Apple has released security updates to address multiple vulnerabilities in the updated version of macOS Monterey 12.6, macOS Big Sur 11.7, and Safari 16. The remote attacker could exploit these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the attackers to perform several attacks like bypassing security

Cuba is a ransomware family that appends the .cuba file extension to encrypted files. When executed this malware terminates services associated with common server applications and encrypts files on the local filesystem and attached network drives using an embedded RSA key. Cuba ransomware operation has increased its activity recently and started to target financial organizations