Alerts

Splunk has released security updates to fix multiple vulnerabilities affecting several Splunk products and third-party components. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Code Execution Vulnerability through File […]

Google has released an updated Chrome version “134.0.6998.177/.178” for Windows to fix a zero-day vulnerability. The addressed vulnerability could allow the remote attacker to bypass Chrome sandbox protections and infect systems with sophisticated malware. Google Chrome Browser’s Sandbox Security Bypass (CVE-2025-2783): CVSS: 8.3 Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required

VMware has released a security update to fix a vulnerability across VMware Tools for Windows. The addressed vulnerability could allow the attacker with non-administrative privileges on a Windows guest VM to bypass security restrictions and gain the ability to perform certain high-privilege operations within that VM. VMware Tools Authentication Bypass Vulnerability (CVE-2025-22230): CVSS: 7.8 Attack

Microsoft has released an updated Microsoft Edge stable channel “134.0.3124.83” to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privileges or execute arbitrary code and gain access to the affected systems by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based)

Apache has released a security update to address a vulnerability affecting multiple versions of Apache Tomcat. The addressed vulnerability could allow the remote attacker to obtain sensitive information, manipulate data, or execute arbitrary code and gain access to the affected systems. Apache Tomcat Code Execution Vulnerability (CVE-2025-24813): CVSS: 8.6 Attack Vector: Network Attack Complexity: Low

Microsoft has released an updated Microsoft Edge version “134.0.3124.66” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Microsoft Edge Code

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, or gain elevated privileges to the affected product by using crafted commands at the prompt. Sample of the addressed vulnerabilities: 1. Cisco IOS XR Software CLI

Apple has released security updates to address a zero-day vulnerability in the WebKit cross-platform across macOS Sequoia and Safari. The addressed vulnerability could allow the remote attacker to execute arbitrary code caused by an out-of-bounds write in the WebKit component by persuading the victim to open a specially crafted web content. Apple Safari and macOS

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, gain elevated privileges, obtain sensitive information, bypass security restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, or execute arbitrary code and gain access to the affected product.

Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected systems. Sample of the addressed Vulnerabilities: 1. Zoom Apps Heap-based Buffer Overflow Vulnerability (CVE-2025-27440): CVSS: 8.5 Attack Vector: Network Attack Complexity:

Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to expose sensitive data through memory leaks or execute arbitrary code and gain access to the affected product by persuading the victim to open a malicious file. Sample of the addressed vulnerabilities: 1. Adobe Acrobat

Microsoft has released its monthly patch of security updates, known as Patch Tuesday.  The mentioned patch addressed seven zero-day vulnerabilities. Microsoft has fixed (57) vulnerabilities as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to the

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released security updates to address vulnerabilities affecting SAP Commerce (Swagger UI), SAP Business One, SAP Business Warehouse, and SAP NetWeaver (ABAP Class Builder). The attacker could exploit some of theses vulnerabilities to perform cross-site scripting attacks or gain elevated privileges

Google has released an updated Chrome version 134.0.6998.88/.89 for Windows, Mac, and 134.0.6998.88 for Linux. The addressed vulnerabilities could allow the remote attacker to crash the browser, execute arbitrary code via a crafted HTML page, and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Google Chrome Remote Code Execution Vulnerability in

Microsoft has released an updated Microsoft Edge stable channel “134.0.3124.51” to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, obtain sensitive information through a crafted HTML page, or execute arbitrary code and gain access to the affected system by persuading the victim to install malicious extensions. Sample of

Cisco has released security updatesto fix multiple vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, or execute arbitrary commands and gain access to the affected product by sending a crafted IPC message to a specific Cisco Secure Client process. The addressed vulnerabilities: 1. Cisco Secure Client

Google has released updated Chrome versions 134.0.6998.35/36 for Windows, 134.0.6998.44/45 for Mac, and 134.0.6998.35 for Linux. The addressed vulnerabilities could allow the remote attacker to crash the browser, execute arbitrary code, or obtain sensitive information via a crafted HTML page and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Google Chrome