SonicWall has released security updates to address several vulnerabilities across SonicWall NetExtender Windows, Connect Tunnel Windows, and the SMA 100 series. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, cause file corruption, manipulate file paths, or execute arbitrary code and gain access to the affected system. Sample of the addressed […]
SonicWall Security Updates – 17 April 2025 Read More »
Apple has released security updates to address several vulnerabilities across macOS Sequoia. The addressed vulnerabilities could allow the attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system. The addressed vulnerabilities: 1. Apple macOS Sequoia Code Execution Vulnerability ( CVE-2025-31200): CVSS: 7.5 Attack Vector: Network Attack Complexity: High Privileges Required:
Apple Security Updates – 17 April 2025 Read More »
Oracle released its critical patch updates for April 2025, containing (378) new security patches for multiple affected products in Oracle code and third-party components. The addressed vulnerabilities could allow the attacker to perform various attacks such as obtaining sensitive information, conducting denial of service attacks, performing data manipulation (update, insert, or delete access), or executing
Oracle Security Patch Update – 16 April 2025 Read More »
Microsoft has released an updated Microsoft Edge stable channel “135.0.3179.73” to address a vulnerability. The addressed vulnerability could allow the remote attacker to execute arbitrary code by persuading the victim to visit a malicious page. Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CVE-2025-29834): CVSS: 7.5 Attack Vector: Network Attack Complexity: High Privileges Required: None User
Microsoft Edge Security Update – 13 April 2025 Read More »
Juniper has released security updates to fix several vulnerabilities affecting multiple Juniper Networks products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain sensitive information, or execute arbitrary code, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Juniper Networks Junos OS (SRX Series) Denial of
Juniper Security Updates – 10 April 2025 Read More »
HPE Aruba has released security updates to fix multiple vulnerabilities affectingseveral Aruba products. The addressed vulnerabilities could allow the attacker to execute arbitrary code/commands, download arbitrary files, perform cross-site scripting (XSS), modify files, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Authenticated Remote Code Execution Vulnerabilities in Web-Based Management Interface
Aruba Security Updates – 09 April 2025 Read More »
Adobe has released security updates to fix several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, bypass security restrictions, gain elevated privileges, execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Adobe ColdFusion Deserialization of Untrusted Data (CWE-502) Vulnerability (CVE-2025-24447):
Adobe Security Updates – 09 April 2025 Read More »
Ivanti has released a security update to fix several vulnerabilities affecting multiple Ivanti products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, obtain sensitive information, perform denial of service attacks, gain elevated privileges, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Ivanti
Ivanti Security Update – 09 April 2025 Read More »
Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, gain elevated privileges, bypass security restrictions, or execute arbitrary code, and gain access to the affected product. Sample of the addressed vulnerabilities: 1. FortiSwitch Unverified Password Change Escalation of
Fortinet Security Updates – 09 April 2025 Read More »
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one actively exploited zero-day vulnerability. Microsoft has fixed (134) vulnerabilities as they could allow the attacker to gain elevated privileges, bypass security restrictions, disclose sensitive information, perform spoofing or execute arbitrary code, and gain access to the affected
Microsoft April 2025 Patch Tuesday Read More »
SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a critical patch that fixes several vulnerabilities affecting multiple SAP products such as SAP S/4HANA (Private Cloud), SAP Financial Consolidation, SAP BusinessObjects Business Intelligence platform (Central Management Console), and SAP Landscape Transformation (Analysis Platform). The attacker could exploit some
SAP April 2025 Security Patch Day Read More »
Microsoft has released an updated Microsoft Edge stable channel “135.0.3179.54” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1.
Microsoft Edge Security Update – 06 April 2025 Read More »
Ivanti has released security updates to address a critical vulnerability affecting multiple Ivanti products. The vulnerability could allow the remote unauthenticated attacker to execute arbitrary code through a stack-based buffer overflow and gain access to the affected product. Ivanti Connect Secure, Policy Secure, and ZTA Gateways Remote Code Execution Vulnerability (CVE-2025-22457): CVSS: 9 Attack Vector:
Ivanti Security Update – 06 April 2025 Read More »
Apple has released security updates to address multiple vulnerabilities across macOS Sequoia, Sonoma, Ventura, and Safari. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Apple
Apple Security Updates – 03 April 2025 Read More »
Google has released an updated Chrome version “135.0.7049.52” for Linux and version “135.0.7049.41/42” for Windows and Mac The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, gain elevated privileges, or access sensitive information through malicious web pages. Sample of the addressed vulnerabilities: 1. Google Chrome Use After Free in Navigations Vulnerability (CVE-2025-3066):
Google Chrome Security Update – 03 April 2025 Read More »
Mozilla has released an updated Firefox version 137, Firefox ESR versions 128.9, and 115.2 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to bypass security restrictions, conduct exploitable crashes, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Mozilla Firefox Sandbox Escape Vulnerability (CVE-2025-2857):
Mozilla FireFox Security Updates – 03 April 2025 Read More »
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks or perform denial of service attacks on the affected product. Sample of the addressed vulnerabilities: 1. Cisco Meraki MX and Z Series AnyConnect VPN Denial of Service Vulnerability (CVE-2025-20212): CVSS:
Cisco Security Updates – 03 April 2025 Read More »
Splunk has released security updates to fix multiple vulnerabilities affecting several Splunk products and third-party components. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Code Execution Vulnerability through File
Splunk Security Updates – 27 March 2025 Read More »
Google has released an updated Chrome version “134.0.6998.177/.178” for Windows to fix a zero-day vulnerability. The addressed vulnerability could allow the remote attacker to bypass Chrome sandbox protections and infect systems with sophisticated malware. Google Chrome Browser’s Sandbox Security Bypass (CVE-2025-2783): CVSS: 8.3 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required
Google Chrome Security Update – 27 March 2025 Read More »
VMware has released a security update to fix a vulnerability across VMware Tools for Windows. The addressed vulnerability could allow the attacker with non-administrative privileges on a Windows guest VM to bypass security restrictions and gain the ability to perform certain high-privilege operations within that VM. VMware Tools Authentication Bypass Vulnerability (CVE-2025-22230): CVSS: 7.8 Attack
VMware Security Update – 26 March 2025 Read More »
