Alerts

Mozilla has released an updated Firefox version 138.0.4, Firefox ESR versions 128.10.1, and 115.23.1 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. The addressed vulnerabilities: 1. […]

Palo Alto has released security updates to fix multiple vulnerabilities affecting Palo Alto PAN-OS and Palo Alto Cortex XDR. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, bypass security restrictions, conduct cross-site scripting attacks, manipulate data, obtain sensitive information, execute arbitrary commands/codes, and gain access to the affected systems. Sample of the

Intel has released security updates to address several vulnerabilities affecting multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform denial-of-service attacks, or obtain sensitive information and gain access to the affected systems. Samples of the addressed vulnerabilities: 1. Intel Gaudi Software Installer Advisory Improper Access Control Vulnerability (CVE-2024-45067): CVSS:

Apple has released security updates to address multiple vulnerabilities across macOS Sequoia 15.5, Sonoma 14.7.6, Ventura 13.7.6, and Safari 18.5. The addressed vulnerabilities could allow the attacker to perform denial-of service attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain access to the affected systems. Sample of the addressed

Zoom has released security updates to fix several vulnerabilities across Zoom Workplace Apps. The addressed vulnerabilities could allow the attacker to conduct a denial of service attack, perform a cross-site scripting attack, bypass security restrictions, or gain elevated privileges to the affected systems. Sample of the addressed vulnerabilities: 1. Zoom Workplace Apps – Time-of-check Time-of-use

F5 has released security updates to address several vulnerabilities affecting multiple F5 products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, manipulate files, bypass security restrictions, perform denial of service attacks, or gain access by using SSH key-based authentication to the affected product. Sample of the addressed vulnerabilities: 1. F5OS Improper Authorization

VMware has released security updates to fix multiple vulnerabilities across several VMware products. The addressed vulnerabilities could allow the remote attacker with non-administrative privileges on a guest VM to manipulate certain files or perform cross-site scripting attacks on the affected product. Sample of the addressed vulnerabilities: VMware Aria Automation DOM-Based Cross-Site Scripting Vulnerability (CVE-2025-22249): CVSS:

SonicWall has released a security update to fix Multiple vulnerabilities affecting SonicWall SMA 100 Series (SMA 200, 210, 400, 410, 500v). The addressed vulnerabilities could allow the remote authenticated attacker to bypass path checks and delete files potentially resulting in a reboot to factory defaults, or inject shell command arguments to upload a file on

Microsoft has released an updated Microsoft Edge stable channel “136.0.3240.50” to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform a denial of service attack, obtain sensitive information, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Heap Buffer Overflow

SonicWall has released a security update to fix one vulnerability affecting SonicWall SMA1000. The addressed vulnerability could allow the remote attacker to perform a serverside request forgery (SSRF) which will cause the appliance to make requests to an unintended location. Sonicwall SMA1000 Server-Side Request Forgery Vulnerability (CVE-2025-2170): CVSS: 7.2 Attack Vector: Network Attack Complexity: Low

SonicWall has released a security update to address a vulnerability across SonicOS SSLVPN Virtual Office interface. The addressed vulnerability could allow the unauthenticated remote attacker to cause a denial of service attack and crash the affected firewall system. SonicOS SSLVPN NULL Pointer Dereference Denial-of-Service Vulnerability (CVE-2025-32818): CVSS: 7.5 Attack Vector: Network Attack Complexity: Low Privileges