Alerts

Redhat has released security updates to address multiple vulnerabilities across multiple products. The severity of the addressed vulnerabilities could allow the attacker to gain access, leak kernel information, gain Privileges, and cause a denial of service on the affected system. Sample of the addressed vulnerabilities: GnuPG Libksba buffer overflow (CVE-2022-3515): CVSS: 9.8 Attack Vector: Network […]

Citrix has released security updates for Citrix ADC and Citrix Gateway to fix multiple vulnerabilities. The severity of the addressed vulnerabilities could allow the remote attacker could exploit these vulnerabilities to take over the administrator’s account, take control of the affected system or bypass the security. Sample of the addressed vulnerabilities: Citrix ADC and Citrix

Microsoft has released its monthly patch of security updates, known as Patch Tuesday, and with it comes fixes for six actively exploited zero-day vulnerabilities, with one being publicly disclosed.Microsoft has fixed (68) vulnerabilities, with (11) classified as Critical as they allow remote code execution, the elevation of privileges, or spoofing. November’s Patch Tuesday was released

Fortinet has released security updates to address multiple vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the attacker to execute arbitrary code on the system or perform unintentional contact with remote servers by sending a specially-crafted input/configuration.

Tenable Nessus has released an updated version (Nessus 10.3.1) to fix multiple vulnerabilities in the third-party components (moment.js, expat, datatables, libxml2, zlib). The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code or cause a denial of service condition on the affected products by sending a specially-crafted request. Sample of the addressed

Aruba has released security updates to fix vulnerabilities in multiple productsrelated to WLAN and SD-WAN. The severity of the addressed vulnerabilities could allow the unauthenticated remote attacker to execute arbitrary code, cause a denial of service, and obtain information. Samples of the addressed vulnerabilities: 1- Command Injection in the PAPI protocol (CVE-2022-37897): CVSS: 9.8 Attack

VMware has released security updates to fix vulnerabilities in multiple products. The severity of the addressed vulnerabilities could allow the unauthenticated remote attacker to execute arbitrary code or obtain information on the affected products. Samples of the addressed vulnerabilities: 1- VMware XStream command execution (CVE-2021-39144): CVSS: 9.8 Attack Vector: Network Attack Complexity: Low Privileges Required:

Apple has released security updates to address multiple vulnerabilities in the updated version of macOS Big Sur 11.7.1, macOS Monterey 12.6.1, macOS Ventura 13, and Safari 16.1. The remote attacker could exploit these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the attackers to perform several attacks like bypassing security

F5 has released security updates for October 2022 to address several vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system, disclose information, escalate privileges and cause a denial of service. Samples of the addressed vulnerabilities: 1. F5 BIG-IP Advanced WAF and ASM iControl REST

Oracle released its critical patch updates for October 2022, containing (370) new security patches for multiple affected products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. This critical patch update provides security updates to fix several vulnerabilities that may be remotely exploitable without authentication in a wide range of

Apache has released a security Update to address a critical vulnerability in Apache Commons. The remote attacker could exploit this vulnerability to take control of the affected system. Apache Commons Text is vulnerable to code execution caused by an insecure interpolation defaults flaw. The attacker could exploit this vulnerability by sending a specially-crafted input to execute arbitrary

Aruba has released security updates for Aruba EdgeConnect Enterprise Orchestrator that address multiple critical security vulnerabilities. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The addressed vulnerabilities could allow the remote attacker to elevate privileges to administrators without credentials and allow arbitrary command execution on the underlying host leading