Announcements

Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, perform server-side request forgery attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. HPE Networking Instant on Access Points Hardcoded Credential […]

Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, conduct denial-of-service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Adobe Experience Manager (AEM) Forms

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one zero-day vulnerability. Microsoft has fixed (130) vulnerabilities, with one classified as critical, as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP Supplier Relationship Management, SAP NetWeaver, SAP S/4HANA and SAP SCM, SAP GRC, SAP Business Warehouse, SAP Business Objects Business Intelligence Platform, SAP MDM Server, SAP Business

Citrix has released a security update to address a vulnerability affecting Citrix NetScaler ADC and Citrix NetScaler Gateway. The addressed vulnerability could allow the remote attacker to cause a memory overflow, leading to unintended control flow and a denial of service attack. Improper Restriction of Operations Within The Bounds of a Memory Buffer Vulnerability (CVE-2025-6543):

Citrix has released security updates to address multiple vulnerabilities affecting Citrix Secure Access Client for Windows, Citrix Workspace app for Windows, NetScaler ADC, and NetScaler Gateway. The addressed vulnerabilities could allow the attacker to bypass access controls, obtain sensitive information, or gain elevated privileges on the affected product. Sample of the addressed vulnerabilities: 1. NetScaler

Veeam has released a security update to fix multiple vulnerabilities across Veeam Backup & Replication systems and Veeam Agent for Microsoft Windows. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: Veeam Backup Arbitrary Code Execution Vulnerability (CVE-2025-23121): CVSS: 9.9

Adobe has released security updates to address several vulnerabilities across multiple Adobe products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass security restrictions, gain elevated privileges, conduct denial-of-service attacks, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Adobe Commerce Cross-site Scripting

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed two zero-day vulnerabilities. Microsoft has fixed (70) vulnerabilities, with (10) classified as critical, as they could allow the attacker to gain elevated privileges, or execute arbitrary code and gain access to the affected systems. June’s Patch Tuesday was

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass security restrictions, obtain sensitive information, manipulate data, gain elevated privileges, conduct denial of service attacks, or execute arbitrary code and gain access to the affected systems. Sample of addressed

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a critical patch that fixes several vulnerabilities affecting multiple SAP products such as SAP NetWeaver, SAP S/4 HANA, SAP GRC, SAP Business Warehouse, SAP Plug-In Basis, SAP BusinessObjects Business Intelligence, SAP MDM Server, SAP Business One Integration Framework and

Aruba has released a security update to fix several vulnerabilities affecting HPE Aruba StoreOnce Software. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform server-side request forgery attacks, manipulate data, bypass security restrictions, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. HPE

Adobe has released security updates to address multiple vulnerabilities across several Adobe products. information, bypass security restrictions, execute arbitrary code, and gain elevated privileges to the affected products. Sample of the addressed vulnerabilities: 1. Adobe ColdFusion Improper Input Validation Vulnerability (CVE-2025- 43559): CVSS: 9.1 Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction:

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, gain elevated privileges, perform denial of service attacks, gain access to sensitive information, and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Stack-Based Buffer Overflow Vulnerability in

Ivanti has released security updates to fix multiple vulnerabilities across several Ivanti products. The addressed vulnerabilities could allow the attacker to escalate elevated privileges, access protected resources without proper credentials via the API, execute arbitrary code via crafted API requests, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Ivanti Neurons

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed seven zero-day vulnerabilities. Microsoft has fixed (78) vulnerabilities, with (5) classified as critical as they could allow the attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products, such as SAP NetWeaver, SAP Supplier Relationship Management, SAP Business Objects Business Intelligence Platform, SAP PDCE, SAP Service Parts Management (SPM), and SAP Landscape Transformation. The attacker could exploit

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products, such as SAP NetWeaver, SAP Supplier Relationship Management, SAP Business Objects Business Intelligence Platform, SAP PDCE, SAP Service Parts Management (SPM), and SAP Landscape Transformation. The attacker could exploit

Cisco has released security updates to fix multiple vulnerabilities affecting several Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, upload arbitrary files, conduct cross-site request forgery (CSRF) attacks, read and modify the outgoing proxy configuration settings, perform cross-site scripting attacks, bypass security restrictions, conduct command injection attacks, escalate

Elasticsearch has released a security update to a fix critical vulnerability affecting Kibana versions from 8.3.0 to 8.17.5, 8.18.0, and 9.0.0. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected product by uploading a crafted HTTP request. Kibana Code Execution Vulnerability via Prototype Pollution (CVE-2025-25014): CVSS: