| Sl. |
Advisories & Alerts |
OEM/Organization |
| 1 | Red Hat Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.001]
details...
Between 29th June and 5th July 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 2 | Ubuntu Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.002]
details...
Between 29th June and 5th July 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
- Ubuntu 26.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 3 | Dell Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.003]
details...
Between 29th June and 5th July 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Cyber Recovery - versions prior to 20.1.0.0
- Dell Data Protection Advisor - versions 19.9 to 19.12 SP2
- Dell Networker - versions prior to 8.0.29
- Dell Networker - versions prior to 17.0.5
- Dell OpenManage Enterprise Modular - versions prior to 20.20.20
- Dell PowerProtect Cyber Recovery - versions prior to cyber-recovery-osupdate-15.4.0-18.bin
- Dell PowerProtect Data Manager Appliance DM5500 - versions prior to 5.20.1.0
- SupportAssist for Business PCs - versions prior to 5.1.1.3567
- SupportAssist for Home PCs - versions prior to 5.0.2.2900
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 4 | Roundcube Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.004]
details...
On 5th July 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Roundcube Webmail - versions prior to 1.6.17
- Roundcube Webmail - versions prior to 1.7.2
Review the following advisories and apply the necessary updates:
| Roundcube |
| 5 | OpenSSH Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.005]
details...
On 6th July 2026, OpenSSH published a security advisory to address vulnerabilities in OpenSSH - versions prior to 10.4.
Review the following OpenSSH Security Advisory and apply the necessary updates:
| Openssh |
| 6 | Microsoft Edge Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.006]
details...
On 2nd July 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 150.0.4078.48.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 7 | BeyondTrust Security Advisory. [Published Date: 2026-07-06]
[Id:2026.07.06.007]
details...
On 21st June 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Remote Support - version 25.3.2 and prior
- Privileged Remote Access - version 25.3.2 and prior
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 8 | Qualcomm Security Advisory - July 2026 Monthly Rollup. [Published Date: 2026-07-06]
[Id:2026.07.06.008]
details...
On 21st June 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Remote Support - version 25.3.2 and prior
- Privileged Remote Access - version 25.3.2 and prior
Review the following advisories and apply the necessary updates:
| Qualcomm |
| 9 | IBM Security Advisory. [Published Date: 2026-07-05]
[Id:2026.07.05.001]
details...
Between 29th June and 5th July 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Automation Assets in IBM Cloud Pak for Integration (CP4I) - multiple versions
- HMC V10.3.1050.0 - versions V10.3.1050.0 to V10.3.1064.0
- HMC V11.1.1110.0 - versions V11.1.1110.0 to V11.1.1111.5
- IBM Bob - versions 1.0.0, 1.0.1 and 1.0.2
- IBM App Connect Operator - multiple versions
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM Business Automation Insights - multiple versions
- IBM Business Automation Manager Open Editions - versions 9.0.0 to 9.4.2
- IBM Business Automation Workflow traditional - multiple versions
- IBM Business Automation Workflow Enterprise Service Bus - multiple versions
- IBM Cloud Pak for Business Automation - multiple versions
- IBM DataPower Gateway - multiple models and versions
- IBM DataStax Enterprise - versions 6.9.0 to 6.9.22
- IBM Db2 Genius Hub – versions 1.1, 1.1.1 and 1.1.2
- IBM EntireX - version 11.1
- IBM Event Endpoint Management - versions 11.0.0 to 11.7.4
- IBM Integrated Analytics System - versions 1.0.0.0 to 1.0.30.0
- IBM Library Support for Spring - version 2.7
- IBM Quantum Safe Remediator - versions 1.1 to 1.1.2
- IBM Rational ClearQuest - versions 9.1 to 9.1.0.11 and 10.0 to 10.0.10
- IBM SPSS Modeler - version 19.0.0.0
- IBM Tivoli Monitoring - versions 6.3.0.7 to 6.3.0.7 Service Pack 22
- IBM Tivoli Netcool Configuration Impact - version 7.1.1
- IBM Tivoli Netcool Configuration Manager - versions 6.4.2 GA to 6.4.2.24
- IBM Tivoli System Automation Application Manager - version 4.1
- IBM webMethods Integration (on prem) - versions 10.15 and 10.11
- Langflow OSS - versions 1.0.0 to 1.10.0
- Maximo AI Service - version 9.1.0
- Platform Navigator in IBM Cloud Pak for Integration (CP4I) - multiple versions
- PowerVM Novalink - multiple versions
- WebSphere Application Server - versions 8.5 and 9.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 10 | WatchGuard Security Advisory. [Published Date: 2026-07-03]
[Id:2026.07.03.001]
details...
On 2nd July 2026, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS 2025.1 - version 2026.2 and prior
- Fireware OS 11.x - version 11.12.4_Update1 and prior
- Fireware OS 12.0 - version 12.12 and prior
- Fireware OS 12.5 - version 12.5.18 and prior
- Mobile VPN with SSL client for Windows - version 2026.2 and prior
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 11 | GitHub Security Advisory. [Published Date: 2026-07-03]
[Id:2026.07.03.002]
details...
On 30th June 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.21.x prior to 3.21.2
- GitHub Enterprise Server - versions 3.20.x prior to 3.20.4
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.8
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.11
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.17
Review the following advisories and apply the necessary updates:
| Github |
| 12 | Cisco Security Advisory. [Published Date: 2026-07-02]
[Id:2026.07.02.001]
details...
On 1st July 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Catalyst Center Release 2.3.7 - versions prior to 2.3.7.11-VA GSMU100
- Cisco Catalyst Center Release 3.1 - versions prior to 3.1.6 GSMU200
- Secure Endpoint Connector - multiple versions and platforms
Review the following advisories and apply the necessary updates:
| Cisco |
| 13 | Google Chrome Security Advisory. [Published Date: 2026-07-02]
[Id:2026.07.02.002]
details...
On 30th June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 150.0.7871.46/47 (Windows/Mac), and 150.0.7871.46 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 14 | Adobe Security Advisory - Update 1. [Published Date: 2026-07-02]
[Id:2026.07.02.003]
details...
On 30th June 2026, Adobe published security advisories to address critical vulnerabilities in the following products:
- Adobe ColdFusion 2025 - Update 9 and prior
- Adobe ColdFusion 2023 - Update 20 and prior
- Adobe Campaign Classic - version ACC v7: 7.4.3 build 9396 and prior
Update 1
Open-source reporting indicates that CVE-2026-48282 is being exploited.
Review the provided web links and apply the necessary updates.
| Adobe |
| 15 | SimpleHelp Security Advisory. [Published Date: 2026-06-30]
[Id:2026.06.30.001]
details...
On 26th June 2026, SimpleHelp published a security update to address vulnerabilities in the following products:
- SimpleHelp - versions 5.5.0 to versions prior to 5.5.16
- SimpleHelp - versions 6.0 to versions prior to 6.0 RC2
Review the provided web links and apply the necessary updates.
| Others |
| 16 | wolfSSL Security Advisory. [Published Date: 2026-06-30]
[Id:2026.06.30.002]
details...
On 23rd June 2026, wolfSSL published a security update to address vulnerabilities in wolfSSL - versions prior to 5.9.2.
Review the provided web links and apply the necessary updates.
| Others |
| 17 | Mozilla Security Advisory. [Published Date: 2026-06-30]
[Id:2026.06.30.003]
details...
On 30th June 2026, Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 152.04
Review the following advisories and apply the necessary updates:
| Mozilla |
| 18 | Citrix Security Advisory. [Published Date: 2026-06-30]
[Id:2026.06.30.004]
details...
On 30th June 2026, Citrix published security advisories to address vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway - versions 14.1 before 14.1-72.61
- NetScaler ADC and NetScaler Gateway - versions 13.1 before 13.1-63.18
- NetScaler ADC FIPS - versions before 14.1-72.61 FIPS
- NetScaler ADC FIPS and NDcPP - versions before 13.1-37.272
Review the following advisories and apply the necessary updates:
| Citrix |
| 19 | Ubuntu Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.001]
details...
Between 22nd and 28th June 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 26.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 20 | Red Hat Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.002]
details...
Between 22nd and 28th June 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 21 | Dell Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.003]
details...
Between 22nd and 28th June 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerProtect Data Manager Appliance DM5510 - versions prior to 20.1.0.0
- Dell Networking OS10 - versions prior to 10.6.1.2
- Dell Private Cloud, Nutanix - versions prior to 01.02.00.00
- PowerSwitch Z9864F-ON - versions prior to 3.5.0
- Dell AX System for Azure - versions prior to 2606
- Dell OpenManage Enterprise Modular - versions prior to 2.20.20
- Dell iDRAC10 - versions prior to 1.30.10.51
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 22 | IBM Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.004]
details...
Between 22nd and 28th June 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Cloud Pak System - version 2.3.5.0
- IBM Observability with Instana (Agent) - versions Build 1.0.303 to 1.0.319
- IBM Db2 Big SQL on Cloud Pak for Data - version 5.0
- IBM Db2 Big SQL on IBM Software Hub - multiple versions
- IBM Engineering Workflow Management - version 7.2, 7.1 and 7.0.3
- IBM Engineering Requirements Management DOORS Next - version 7.2, 7.1 and 7.0.3
- Global Configuration Management - version 7.2, 7.1 and 7.0.3
- Jazz Foundation - version 7.2, 7.1 and 7.0.3
- Langflow OSS - version 1.0.0 to 1.10.0
- IBM Engineering Test Management - version 7.2, 7.1 and 7.0.3
- IBM InfoSphere Information Server - version 11.7.0.0 to 11.7.1.6
- IBM Operator for PostgreSQL - version v28.3.0 to v28.3.2
- IBM Spectrum Control - multiple versions
- IBM Sterling Partner Engagement Manager Essentials Edition - multiple versions
- IBM Sterling Partner Engagement Manager Standard Edition - multiple versions
- IBM Storage Defender Copy Data Management - version 2.2.0.0 to 2.3.0.1
- IBM Storage Protect Plus File Systems Agent - version 10.1.6 to 10.1.18
- IBM Storage Protect Plus Guest Applications - version 10.1.6 to 10.1.18
- IBM Storage Protect Plus vSnap - version 10.1 to 10.1.18
- IBM Storage Protect Plus Server - version 10.1 to 10.1.18
- IBM Storage Sentinel Anomaly Scan Engine - version 1.1.0 to 2.3.0
- IBM watsonx Orchestrate Developer Edition - version 1.4.0 to 2.11.0
- WatsonX BI - version 5.0 to 5.3
- WebSphere Service Registry and Repository - version 8.5
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 23 | Microsoft Edge Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.005]
details...
On 26th June 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 149.0.4022.98.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 24 | Oracle Security Advisory (Id:2026.05.29.003) - Update 1. [Published Date: 2026-06-29]
[Id:2026.06.29.006]
details...
On 29th May 2026, Oracle published a security advisory to address critical vulnerabilities in the following products:
- Oracle Communications Unified Assurance - versions 6.1.1 to 7.0.0
- Oracle Database Server - versions 23.4.0 to 23.26.2
- Oracle E-Business Suite - versions 12.2.3 to 12.2.15
- Oracle Hospitality OPERA 5 Property Services - versions 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6 and 5.6.28
- Oracle REST Data Services - versions 24.2.0 to 26.1.0
Update 1
Open-source reporting indicates that CVE-2026-46817 is being exploited.
Review the provided web links and perform the suggested mitigations.
| Oracle |
| 25 | Apple Security Advisory. [Published Date: 2026-06-29]
[Id:2026.06.29.007]
details...
On 29th June 2026, Apple published a security update to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 26.5.2
- macOS Tahoe - versions prior to 26.5.2
Review the provided web links and apply the necessary updates.
| Apple |
| 26 | Google Chrome Security Advisory. [Published Date: 2026-06-26]
[Id:2026.06.26.001]
details...
On 25th June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.200/201 (Windows/Mac), and 149.0.7827.200 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 27 | Drupal Security Advisory. [Published Date: 2026-06-25]
[Id:2026.06.25.001]
details...
On 24th June 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Geolocation Field - versions prior to 3.15.0
- WissKI - versions prior to 4.2.0
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 28 | HPE Security Advisory. [Published Date: 2026-06-25]
[Id:2026.06.25.002]
details...
Between 24th and 25th June 2026, HPE published security advisories to address vulnerabilities in the following products:
- HPE Unified Correlation Analyzer (UCA) - versions prior to 4.4.10
- HPE Telco Service Orchestrator - versions prior to v5.6.1
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 29 | Google Chrome Security Advisory. [Published Date: 2026-06-24]
[Id:2026.06.24.001]
details...
On 23rd June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.196/197 (Windows/Mac), and 149.0.7827.196 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 30 | Tenable Security Advisory. [Published Date: 2026-06-24]
[Id:2026.06.24.002]
details...
On 23rd May 2026, Tenable released security updates to address vulnerabilities in Tenable Identity Exposure - versions prior to. 3.93.4.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 31 | n8n Security Advisory. [Published Date: 2026-06-24]
[Id:2026.06.24.003]
details...
On 24th June 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n - versions prior to 2.28.1
- n8n - versions prior to 2.27.4
- n8n - versions prior to 1.123.61
Review the following n8n Security Advisory and apply the necessary updates.
| n8n |
| 32 | Jenkins Security Advisory. [Published Date: 2026-06-24]
[Id:2026.06.24.004]
details...
On 24th June 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Assembla Plugin - versions prior to 1.4
- External Workspace Manager Plugin - versions prior to 1.3.2
- OWASP ZAP Plugin - versions prior to 1.0.7
- Script Security Plugin - versions prior to 1402.v94c9ce464861
Review the following advisories and apply the necessary updates:
| Jenkins |
| 33 | GitLab Security Advisory. [Published Date: 2026-06-24]
[Id:2026.06.24.005]
details...
On 24th June 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 19.1.1, 19.0.3 and 18.11.6
- GitLab Enterprise Edition (EE) - versions prior to 19.1.1, 19.0.3 and 18.11.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 34 | Broadcom VMware Security Advisory. [Published Date: 2026-06-23]
[Id:2026.06.23.001]
details...
Between 22nd and 23rd June 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu Data Flow on Kubernetes - versions prior to 2.1.3
- VMware Tanzu Greenplum Backup and Restore - versions prior to 1.33.2
- VMware Tanzu Greenplum Platform Extension Framework - versions prior to 8.0.1
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 3.13.17
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.0.22
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.1.13
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.2.8
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.3.2
- VMware Tanzu GemFire - versions prior to 10.1.8
- VMware Tanzu RabbitMQ - versions prior to 3.13.17
- VMware Tanzu RabbitMQ - versions prior to 4.0.22
- VMware Tanzu RabbitMQ - versions prior to 4.1.13
- VMware Tanzu RabbitMQ - versions prior to 4.2.8
- VMware Tanzu RabbitMQ - versions prior to 4.3.2
- VMware Tanzu Greenplum - versions prior to 6.33.2
- VMware Tanzu Greenplum - versions prior to 7.8.2
Review the Security Advisories - Tanzu and apply the necessary updates. | Broadcom |
| 35 | IBM Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.001]
details...
Between 15th and 21th June 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Content-Aware Storage - versions 1.0.0 to 1.1.3
- DataStage on Cloud Pak for Data - versions prior to 5.3.1.0
- Decision Optimization for Cloud Pak for Data - versions 5.0 to 5.3.1 - Patch 4 releases
- Host On-Demand (HOD) - versions 16.0 to 16.0.1, versions 15.0 to 15.0.4
- IBM ApplinX - versions prior to 11.1 and 12.1
- IBM Cloud Pak for Data System (CPDS) - versions 1.0.0.0 to 1.0.10.0
- IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - multiple versions
- IBM Engineering Lifecycle Management on Hybrid Cloud - versions 1.0.0 to 1.3.0
- IBM Enterprise Build of Quarkus - versions 3.27.1 to 3.27.4, versions 3.33.1 to 3.33.2
- IBM EntireX - versions prior to 11.1
- IBM Fusion HCI - versions 2.10.0 to 2.12.1
- IBM Fusion - versions 2.9.0 to 2.12.1
- IBM Guardium Key Lifecycle Manager (SKLM/GKLM) - versions prior to 4.1
- IBM HTTP Server - versions prior to 9.0 and 8.5
- IBM MQ Operator - multiple versions
- IBM Netezza Software - versions prior to 11.3.0.3-IF2
- IBM Operational Decision Manager - multiple versions
- IBM Planning Analytics Local - versions 2.1.0 to 2.1.20
- IBM Robotic Process Automation for Cloud Pak - multiple versions
- IBM Security QRadar Log Management AQL Plugin - versions 1.0.0 to 1.1.5
- IBM Sterling Connect:Direct Web Services - versions 6.3.0 to 6.3.0.18
- IBM Sterling Connect:Direct Web Services - versions 6.4.0 to 6.4.0.7
- IBM Tivoli Netcool Configuration Manager - versions 6.4.2 GA to 6.4.2.24
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.3.1
- IBM supplied MQ Advanced container images - multiple versions
- IBM webMethods BPM - versions prior to 12.1 and 11.1
- ICP - Discovery - versions 5.0.0 to 5.3.1
- Langflow OSS - versions 1.0.0 to 1.9.3
- MongoDB Enterprise Advanced with IBM - versions Ops-Manager 8.0.0 to 8.0.21
- MongoDB Enterprise Advanced with IBM - versions migrator 1.0.0 to 1.15.9
- QRadar - versions prior to 7.5.0
- UCD - IBM DevOps Deploy - versions 8.0 to 8.0.1.13, versions 8.1 to 8.1.2.6
- UCD - IBM UrbanCode Deploy - versions 7.2 to 7.2.3.23, versions 7.3 to 7.3.2.18
- WebSphere Application Server - versions prior to v9.0.5.5
- voice-gateway/sip-orchestrator - versions prior to 1.0.8.26
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 36 | Ubuntu Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.002]
details...
Between 15th and 21st June 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 37 | Dell Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.003]
details...
Between 15th and 21st June 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Container Storage Modules - multiple versions
- Dell Data Protection Central - versions 19.10 to 19.12 with Data Protection Central OS Update prior to dpc-osupdate-1.1.27-1
- Dell PowerFlex Custom Node - multiple versions
- Dell PowerFlex Software - versions prior to 4.5.5.2
- Dell PowerFlex Software - versions prior to 5.1.0.1
- Dell Private Cloud - Red Hat - versions prior to 01.04.00.00
- Dell VxFlex Ready Node - versions prior to 2.25.0
- Dell VxRail Appliance - versions prior to 9.1.000
- PowerProtect DB - versions prior to 2.7.9 with Data Protection Central OS Update prior to dpc-osupdate-1.1.27-1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 38 | Red Hat Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.004]
details...
Between 15th and 21st June 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 39 | Microsoft Edge Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.005]
details...
On 18th June 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 149.0.4022.80.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 40 | JetBrains Security Advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.006]
details...
On 19th June 2026, JetBrains published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- JetBrains YouTrack - multiple versions
- JetBrains Hub - multiple versions
Review the JetBrains – Fixed security issues and apply the necessary updates. | Jetbrains |
| 41 | Node.js security advisory. [Published Date: 2026-06-22]
[Id:2026.06.22.007]
details...
On 18th June 2026, Node.js issued security bulletins to address vulnerabilities related to the following products:
- js 22 - versions prior to v22.23.0;
- js 24 - versions prior to v24.17.0;
- js 26 - versions prior to v26.3.1.
Review the web pages below and apply the necessary updates.
| NodeJS |
| 42 | Splunk Security Advisory (2026.06.10.015) - Update 1. [Published Date: 2026-06-18]
[Id:2026.06.18.001]
details...
On 10th June 2026, Splunk published security advisories to address vulnerabilities in the following products:
- Splunk SOAR - versions prior to 8.5.0
- Splunk Enterprise - multiple versions and platforms
- Splunk Cloud Platform - multiple versions and platforms
Update 1
On 18 th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20253 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates.
| Splunk |
| 43 | Drupal Security Advisory. [Published Date: 2026-06-18]
[Id:2026.06.18.002]
details...
On 17th June 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Drupal core - multiple versions
- Plotly.js Graphing - versions prior to 3.0.2
- Flag attendance field - versions prior to 8.x-1.2
- Formatter Field - versions prior to 2.0.0
Review the Drupal Security Advisory and apply the necessary updates. | Drupal |
| 44 | CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure. [Published Date: 2026-06-18]
[Id:2026.06.18.003]
details...
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices across government and private sector organizations using compromised credentials. This activity, referred to as FortiBleed, involves the exposure of leaked credentials associated with approximately 74,000 Fortinet devices, including firewalls and virtual private network (VPN) gateways.
To defend against this malicious cyber activity, CISA urges impacted Fortinet customers with FortiGate appliances and associated Secure Sockets Layer (SSL) VPN gateways to immediately:
- Terminate sessions and reset credentials. Terminate all active SSL VPN and administrative sessions. Reset all Fortinet VPN and administrative passwords, especially on internet-facing systems, and enforce strong password policies.
- Ensure secure credential storage. Confirm your organization's use of the Password-Based Key Derivation Function 2 (PBKDF2) algorithm to store administrator credentials and remove weaker legacy hashes per Fortinet's guidance (see, Fortinet's Technical Tip: Enforcing PBKDF2 as hash function for administrator accounts in FortiOS v7.2.11 and later).
- Review logs. Review firewall, VPN, authentication, and domain controller logs for lateral movement, unusual access, suspicious accounts, or unauthorized configuration changes.
- Enable phishing-resistant multifactor authentication (MFA). Require phishing-resistant MFA on all remote access and administrative accounts and ensure it is enforced on all external gateways and administrative interfaces.
- Reduce the attack surface and lock down management access. Ensure the administration of your firewall is inaccessible from the public internet; restrict Fortinet management interfaces to trusted internal networks; and remove or disable any unauthorized or unnecessary accounts.
See the following resources to determine your organization's potential impact and find additional guidance on the credentials compromised:
| CISA |
| 45 | Oracle Security Advisory - June 2026 Quarterly Rollup. [Published Date: 2026-06-17]
[Id:2026.06.17.001]
details...
On 16th June 2026, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- APM - Application Performance Management
- Identity Manager
- Identity Manager Connector
- JD Edwards EnterpriseOne Accounts Payable
- JD Edwards EnterpriseOne General Ledger
- JD Edwards EnterpriseOne Human Resources Management
- JD Edwards EnterpriseOne Order Promising
- JD Edwards EnterpriseOne Project Costing
- JD Edwards EnterpriseOne Tools
- MySQL Cluster
- MySQL NDB Cluster
- MySQL Router
- MySQL Server
- MySQL Shell
- Oracle Access Manager
- Oracle Agile PLM
- Oracle Application Development Framework (ADF)
- Oracle Coherence
- Oracle Communications Convergent Charging Controller
- Oracle Communications Network Charging and Control
- Oracle Communications Network Integrity
- Oracle Data Integrator
- Oracle E-Business Suite
- Oracle Enterprise Manager Base Platform
- Oracle GoldenGate
- Oracle Solaris
- Oracle Unified Directory
- Oracle VM VirtualBox
- Oracle Virtual Directory
- Oracle WebCenter Content
- Oracle WebCenter Enterprise Capture
- Oracle WebCenter Portal
- Oracle WebCenter Sites
- PeopleSoft Enterprise CS Campus Community
- PeopleSoft Enterprise CS Student Financials
- PeopleSoft Enterprise PT PeopleTools
- Siebel Applications
- WebCenter Content: Imaging
- WebLogic Server
Review Oracle Critical Patch Update Advisory - June 2026 and apply the necessary updates. | Oracle |
| 46 | JetBrains Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.002]
details...
On 16th June 2026, JetBrains published security advisories to address JetBrains GoLand - versions prior to 2026.1.3.
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 47 | Microsoft Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.003]
details...
| Microsoft |
| 48 | Atlassian Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.004]
details...
On 16th June 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Fisheye/Crucible - versions 4.9.0 to 4.9.10
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 49 | Google Chrome Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.005]
details...
On 16th June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.155/.156 (Windows/Mac), and 149.0.7827.155 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 50 | Mitel Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.006]
details...
On 17th June 2026, Veeam published security advisories to address vulnerabilities in the following products:
- MiCollab - multiple versions
- MiVoice Business Solution Virtual Instance (MiVB SVI) - version 2.1.0.9-2 and prior
Review the following advisories and apply the necessary updates:
| Mitel |
| 51 | F5 Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.007]
details...
On 17th June 2026, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- F5 DoS for NGINX - version 4.9.0
- F5 WAF for NGINX Instance Manager - versions 5.9.0 to 5.13.1
- NGINX App Protect DoS - versions 4.3.0 to 4.7.0
- NGINX App Protect WAF - versions 5.2.0 to 5.8.0 and 4.10.0 to 4.16.0
- NGINX Open Source - versions 1.30.0 to 1.30.2 and 1.31.0 to 1.31.1
- NGINX Instance Manager - versions 2.17.0 to 2.22.0
- NGINX Gateway Fabric - multiple versions
- NGINX Ingress Controller - multiple versions
- NGINX Plus - version 37.0.0 R33 to 37.01 R36
Review the following F5 Security Advisory and apply the necessary updates.
| F5 |
| 52 | Cisco Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.008]
details...
On 17th June 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
Cisco ISE (Identity Services Engine) and Cisco ISE-PIC (Passive Identity Connector)
- Cisco ISE and ISE-PIC Releases prior to 3.3 - all versions
- Cisco ISE and ISE-PIC Release 3.3 - versions prior to 3.3 Patch 11
- Cisco ISE and ISE-PIC Release 3.4 - versions prior to 3.4 Patch 6
- Cisco ISE and ISE-PIC Release 3.5 - versions prior to 3.5 Patch 4 (August 2026)
Review the following advisories and apply the necessary updates:
| Cisco |
| 53 | Splunk Security Advisory. [Published Date: 2026-06-17]
[Id:2026.06.17.009]
details...
On 17th June 2026, Splunk published a security update to address vulnerabilities in the Splunk AI Toolkit - versions prior to 5.7.4.
Review the following advisories and apply the necessary updates:
| Splunk |
| 54 | Fortinet security advisory (2026.04.14.003) - Update 1. [Published Date: 2026-06-16]
[Id:2026.06.16.001]
details...
On 14th April 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- FortiSandbox 4.4 - versions 4.4.0 to 4.4.8
- FortiSandbox 5.0 - versions 5.0.0 to 5.0.5
- FortiAnalyzer Cloud 7.6 - versions 7.6.2 to 7.6.4
- FortiManager Cloud 7.6 - versions 7.6.2 to 7.6.4
- FortiDDoS-F 7.2 - versions 7.2.1 to 7.2.2
Update 1
Open-source reporting indicates that CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 have been exploited.
Review the provided web links and apply the necessary updates.
| Fortinet |
| 55 | Zyxel Security Advisory. [Published Date: 2026-06-16]
[Id:2026.06.16.002]
details...
On 16th June 2026, Zyxel published security advisories to address vulnerabilities in GS1900 series switches - multiple versions and models
Review the following advisories and apply the necessary updates:
| Zyxel |
| 56 | Mozilla Security Advisory. [Published Date: 2026-06-16]
[Id:2026.06.16.003]
details...
On 16th June 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 152
- Firefox for iOS - versions prior to 152
- Firefox EST - versions prior to 140.12
- Firefox ESR - versions prior to 115.37
Review the following advisories and apply the necessary updates:
| Mozilla |
| 57 | IBM Security Advisory. [Published Date: 2026-06-15]
[Id:2026.06.15.001]
details...
Between 8th and 14th June 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Aspera Shares - versions 1.9.9 to 1.11.2
- IBM Automation Decision Services - multiple versions
- IBM Cloud Pak for Applications - multiple versions
- IBM Cloud Pak for Data System (CPDS) - versions 1.0.0.0 to 1.0.10.0
- IBM DevOps Code ClearCase -version 11.0
- IBM Enterprise Application Runtimes - versions 1.0 and 1.1
- IBM Enterprise Build of Quarkus - versions 3.27.0 to 3.27.3.SP2
- IBM Event Processing - versions 1.5.0 to 1.5.2
- IBM Guardium Key Lifecycle Manager (SKLM/GKLM) - version 4.1
- IBM Maximo Scheduler Optimization - multiple versions
- IBM Observability with Instana (OnPrem) - versions Build 1.0.285 to 1.0.317
- IBM Process Automation Manager Open Edition Starter Kit for Banking - version 9.3.1
- IBM Rational ClearCase - version 10.0.0
- IBM Rational ClearCase - version 9.1
- IBM Rational ClearQuest - versions 9.1 to 9.1.0.11, versions 10.0 to 10.0.10
- IBM Rational Developer for i (RDi) - version 9.9
- IBM Software Support App (iOS) - versions 4.0.0 to 4.0.1
- IBM Software Support app (Android) - versions 4.0.0 to 4.0.1
- IBM Tivoli Monitoring - versions 6.3.0.7 to 6.3.0.7 Service Pack 22
- IBM Tivoli Network Manager IP Edition - versions 4.2 GA to 4.2.0.24
- IBM Verify Identity Access Digital Credentials - versions 24.06 to 26.03
- IBM WebSphere Application Server Liberty - versions 17.0.0.3 to 26.0.0.5
- IBM WebSphere Application Server - multiple versions
- IBM WebSphere Hybrid Edition - version 5.1
- IBM i - multiple versions
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 5.0.0 to 5.3.2
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.10.0
- ICP - Discovery - versions 5.0.0 to 5.3.1
- Langflow OSS - versions 1.0.0 to 1.8.4
- SPSS Collaboration and Deployment Services - multiple versions
- Technical Support Appliance - multiple versions
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 58 | Dell Security Advisory. [Published Date: 2026-06-15]
[Id:2026.06.15.002]
details...
Between 8th and 14th June 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell NativeEdge Orchestrator - versions prior to 4.2.0.0
- iDRAC Tools - versions prior to 11.4.1.0
- PowerEdge - multiple versions
- PowerScale - multiple versions
- PowerStore - multiple versions
Review the following advisories and apply the necessary updates:
| Dell |
| 59 | Ubuntu Security Advisory. [Published Date: 2026-06-15]
[Id:2026.06.15.003]
details...
Between 8th and 15th June 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 60 | Red Hat Security Advisory. [Published Date: 2026-06-15]
[Id:2026.06.15.004]
details...
Between 8th and 14th June 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 61 | Cisco Security Advisory. [Published Date: 2026-06-15]
[Id:2026.06.15.005]
details...
On 4th June 2026, Cisco published security advisories to address vulnerabilities in Cisco Catalyst SD-WAN Manager - multiple versions and all deployment types.
On 15th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20262 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates, when available.
| Cisco |
| 62 | Microsoft Edge Security Advisory. [Published Date: 2026-06-12]
[Id:2026.06.12.001]
details...
On 9th June 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 1 49.0.4022.62.
Microsoft has indicated that CVE-2026-11645 has an available exploit.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 63 | Spring Security Advisory. [Published Date: 2026-06-12]
[Id:2026.06.12.002]
details...
Between 10 and 11th June 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring Cloud Sleuth - versions 3.1.0 to 3.1.13
- Spring Statemachine - multiple versions
- Spring Cloud Gateway - multiple versions
- Spring Integration - multiple versions
- Spring for GraphQL - multiple versions
Review the Spring Security Advisories and apply the necessary updates. | Others |
| 64 | Oracle security advisory (2026.06.11.001) - Update 1. [Published Date: 2026-06-12]
[Id:2026.06.12.003]
details...
On 10th June 2026, Oracle published a security advisory to address a critical vulnerability in PeopleSoft Enterprise PeopleTools – versions 8.61 and 8.62.
Open-source reporting indicates that CVE-2026-35273 is being exploited in the wild.
Update 1
On 12th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-35273 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and perform the suggested mitigations.
| Oracle |
| 65 | GeoServer Security Advisory. [Published Date: 2026-06-12]
[Id:2026.06.12.004]
details...
On 11th June 2026, GeoServer published a security advisory to address vulnerabilities in the following products:
- GeoServer - versions prior to 3.0.0
- GeoTools - versions prior to 35.0
- GeoWebCache - versions prior to 2.0.0
Review the provided web links and apply the necessary updates:
| Others |
| 66 | FreePBX Security Advisory. [Published Date: 2026-06-12]
[Id:2026.06.12.005]
details...
On 12th June 2026, FreePBX published security advisories to address vulnerabilities in the following products:
- FreePBX Security-Reporting ucp (FreePBX 16) - versions prior to 0.39
- FreePBX Security-Reporting ucp (FreePBX 17) - versions prior to 0.7
- FreePBX Security-Reporting superfecta (FreePBX 16) - versions prior to 16.0.40
- FreePBX Security-Reporting superfecta (FreePBX 17) - versions prior to 17.0.7
Review the following advisories and apply the necessary updates:
| FreePBX |
| 67 | Google Chrome Security Advisory. [Published Date: 2026-06-12]
[Id:2026.06.12.006]
details...
On 11th June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.114/115 (Windows/Mac), and 149.0.7827.114 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 68 | Oracle Security Advisory. [Published Date: 2026-06-11]
[Id:2026.06.11.001]
details...
On 10th June 2026, Oracle published a security advisory to address vulnerabilities in PeopleSoft Enterprise PeopleTools - versions 8.61 and 8.62
Open-source reporting indicates that CVE-2026-35273 is being exploited in the wild.
Review the following Oracle Security Advisory and apply the necessary updates:
| Oracle |
| 69 | GitLab Security Advisory. [Published Date: 2026-06-11]
[Id:2026.06.11.002]
details...
On 10th June 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 19.0.2, 18.11.5 and 18.10.8
- GitLab Enterprise Edition (EE) - versions prior to 19.0.2, 18.11.5 and 18.10.8
Review the following advisories and apply the necessary updates:
| Gitlab |
| 70 | Check Point Security Advisory. [Published Date: 2026-06-11]
[Id:2026.06.11.003]
details...
Between 10th June 2026, Check Point published security advisories to address vulnerabilities in Identity Agent - versions prior to 81.087.0000
Review the following advisories and apply the necessary updates:
| Others |
| 71 | Ivanti Security Advisory (2026.06.09.005) - Update 1. [Published Date: 2026-06-11]
[Id:2026.06.11.004]
details...
On 9th June 2026, Ivanti published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Ivanti Sentry - versions 10.5.1, 10.6.1, 10.7.0 and prior
- Ivanti Endpoint Manager Mobile - versions 12.9.0, 12.8.0.2, 12.7.0.1 and prior
Update 1
On 11 th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-10520 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Ivanti |
| 72 | OpenSSL Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.001]
details...
On 9th June 2026, OpenSSL published security advisories to address vulnerabilities in the following products:
- OpenSSL - versions 4.0.0 to versions prior to 4.0.1
- OpenSSL - versions 3.6.0 to versions prior to 3.6.3
- OpenSSL - versions 3.5.0 to versions prior to 3.5.7
- OpenSSL - versions 3.4.0 to versions prior to 3.4.6
- OpenSSL - versions 3.0.0 to versions prior to 3.0.21
- OpenSSL - versions 1.1.1 to versions prior to 1.1.1zh
- OpenSSL - versions 1.0.2 to versions prior to 1.0.2zq
Review the OpenSSL Security News and apply the necessary updates.
| OpenSSL |
| 73 | HPE Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.002]
details...
On 9th June 2026, HPE published security advisories to address vulnerabilities in HPE ProLiant RL300 Gen11 - versions prior to 1.84_04-02-2026.
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 74 | Spring Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.003]
details...
Between 9 and 10th June 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring AMQP - multiple versions
- Spring Authorization Server - multiple versions
- Spring Web Services - multiple versions
- Spring Web Flow - multiple versions
- Spring REST Docs - multiple versions
- Spring Data Commons - multiple versions
- Spring Data Relational - multiple versions
- Spring Security - multiple versions
- Spring Data MongoDB - multiple versions
- Spring Data JDBC - multiple versions
- Spring Data KeyValue - multiple versions
- Spring Data R2DBC - multiple versions
- Spring Data Redis - multiple versions
- Spring Data REST - multiple versions
- Spring for Apache Kafka - multiple versions
- Spring for Apache Pulsar - multiple versions
- Spring Data Commons (transitively affects all Spring Data store modules) - multiple versions
Review the Spring Security Advisories and apply the necessary updates.
| Others |
| 75 | Mozilla Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.004]
details...
On 9th June 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Focus for iOS - versions prior to 151.3.1
- Klar for iOS - versions prior to 151.3.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 76 | FreeBSD Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.005]
details...
On 9th June 2026, FreeBSD published security advisories addressing vulnerabilities in all supported versions.
Review the FreeBSD Security Advisories and apply the necessary updates.
| Others |
| 77 | AMD Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.006]
details...
On 9th June 2026, AMD published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Versal Prime Series Gen 2
- Versal AI Edge Series Gen 2
- AMD Management Console (AMC) - versions prior to 14.0.0
- AMD Ryzen Master - versions prior to 2.14.3
- AMD µProf - versions prior to 5.3
Review the following advisories and apply the necessary updates:
| AMD |
| 78 | Drupal Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.007]
details...
On 3rd June 2026, Drupal published security advisories to address vulnerabilities in the following products:
- LocalGov Workflows versions prior to 1.6.0
- Tacjs versions prior to 6.8
- Commerce Core 3.3.0 versions prior to 3.3.6
- Anti-Spam by CleanTalk versions prior to 9.7.1
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 79 | Jenkins Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.008]
details...
On 10th June 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Jenkins weekly - version 2.567 and prior
- Jenkins LTS - version 2.555.2 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 80 | FreePBX Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.009]
details...
On 10th June 2026, FreePBX published security advisories to address vulnerabilities in the following products:
- FreePBX Security-Reporting music (FreePBX 16) - versions 16.0.4 and prior
- FreePBX Security-Reporting music (FreePBX 17) - versions 17.0.6 and prior
Review the following advisories and apply the necessary updates:
| FreePBX |
| 81 | Erlang Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.010]
details...
On 10th June 2026, Veeam published security advisories to address vulnerabilities in the following products:
- OTP - versions prior to 27.3.4.13, 28.5.0.2 and 29.0.2
- erts (OTP) - versions prior to 15.2.7.9, 16.4.0.2 and 17.0.2
- inets (otp) - versions prior to 9.7.1, 9.6.2.2 and 9.3.2.6
- ssl (OTP) - versions prior to 11.7.2, 11.6.0.2 and 11.2.12.9
Review the following advisories and apply the necessary updates:
| Others |
| 82 | HPE Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.011]
details...
On 10th June 2026, HPE published security advisories to address vulnerabilities in HPE Telco Suite - multiple versions and models.
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 83 | Palo Alto Networks Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.012]
details...
On 10th June 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- Cortex XSIAM CommvaultSecurityIQ Marketplace 1.1.0 - versions prior to 1.2.0
- Cortex XSOAR CommvaultSecurityIQ Marketplace 1.1.0 - versions prior to 1.2.0
- Prisma Browser - versions prior to 148.18.4.217
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 84 | n8n Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.013]
details...
On 10th June 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (Credential Exfiltration) - multiple versions
- n8n (Cross-Tenant Credential) - multiple versions
- n8n (n8n MCP Browser) - versions 2.26.2 to 2.25.7
- n8n(SecurityScorecard Node) - multiple versions
Review the following n8n Security Advisory and apply the necessary updates.
| n8n |
| 85 | Broadcom VMware Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.014]
details...
On 9th June 2026, VMware published security advisories to address vulnerabilities in VMware Tanzu for Valkey on Kubernetes – versions prior to 3.4.1.
Review the following advisories and apply the necessary updates:
| Broadcom |
| 86 | Splunk Security Advisory. [Published Date: 2026-06-10]
[Id:2026.06.10.015]
details...
On 10th June 2026, Splunk published a security update to address vulnerabilities in the following products.
- Splunk SOAR - versions prior to 8.5.0
- Splunk Enterprise - multiple versions and platforms
- Splunk Cloud Platform - multiple versions and platforms
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 87 | SAP security advisory - May 2026 Monthly Rollup. [Published Date: 2026-06-09]
[Id:2026.06.09.001]
details...
On 9th June 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver AS ABAP and ABAP Platform - versions SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816, SAP_BASIS 918, SAP_BASIS 919
- SAP NetWeaver AS ABAP and ABAP Platform - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 91.9
- SAP Commerce Cloud and SAP Data Hub - versions HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211, 2211-JDK21, DHUB_CLOUD 2211
- SAP NetWeaver Application Server Java (Web Container) - version ENGINEAPI 7.50
- SAP Commerce Cloud - versions HY_COM 2205, COM_CLOUD 2211, 2211-JDK21
- SAP NetWeaver AS ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816
- ODP Data Replication APIs - versions DW4CORE 200, 300, 400, PI_BASIS 2006_1_700, 701, 702, 731, 740, SAP_BW 750, 816
- SAP S/4HANA - versions S4FND 102, 103, 104, 105, 106, 107, 108, 109
- SAP NetWeaver AS Java (JDBC Test Servlet) - version BI_UDI 7.50
- SAP Wily Introscope Enterprise Manager - version WILY_INTRO_ENTERPRISE 10.8
- SAP MDG (Review Match Groups Application) - versions S4CORE 108, SAP_BASIS 916, SAP_BASIS 917, SAP_ABA 816
- SAP Business Objects Business Intelligence Platform - versions ENTERPRISE 430, 2025, 2027
- SAP Fiori (launchpad) - versions SAP_UI 754, 755, 756, 757, 758, 816
- SAP Business Objects - versions ENTERPRISE 430, 2025, 2027
- SAP NetWeaver AS Java - versions SERVERCORE 7.50, CORE-TOOLS 7.50, J2EE-APPS 7.50
Review the SAP Security Patch Day - June 2026 and apply the necessary updates. | SAP |
| 88 | Apache Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.002]
details...
On 8th June 2026, Apache published a security advisory to address vulnerabilities in the Apache HTTP Server - versions prior to 2.4.68.
Review the provided web link and apply the necessary updates.
| Apache |
| 89 | Veeam Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.003]
details...
On 9th June 2026, Veeam published security advisories to address vulnerabilities in the Veeam Backup and Replication - versions prior to 12.3.2.4854.
Review the following advisories and apply the necessary updates:
| Veeam |
| 90 | MISP Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.004]
details...
On 9th June 2026, MISP published a security advisory to address vulnerabilities in the MISP (Malware Information Sharing Platform) - versions prior to v2.5.39.
Review the provided web link and apply the necessary updates.
| Others |
| 91 | Ivanti Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.005]
details...
On 9th June 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Ivanti Sentry - versions 10.5.1, 10.6.1, 10.7.0 and prior
- Ivanti Endpoint Manager Mobile - versions 12.9.0, 12.8.0.2, 12.7.0.1 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 92 | Fortinet Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.006]
details...
On 9th June 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiSandbox 5.0 - versions 5.0.0 to 5.0.5
- FortiSandbox 4.4 - versions 4.4.0 to 4.4.8
- FortiSandbox Cloud 5.0 - versions 5.0.4 to 5.0.5
- FortiSandbox PaaS 5.0 - versions 5.0.4 through 5.0.5
Review the following advisories and apply the necessary updates:
| Fortinet |
| 93 | Google Chrome Security Advisory - Update 1. [Published Date: 2026-06-09]
[Id:2026.06.09.007]
details...
On 8th June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.102/.103 for Windows/Mac, and 49.0.7827.102 for Linux.
Google is aware that an exploit for CVE-2026-11645 exists in the wild.
Update 1
On 9th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-11645 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates when available.
| Google |
| 94 | Microsoft Security Advisory - June 2026 monthly rollup. [Published Date: 2026-06-09]
[Id:2026.06.09.008]
details...
On 9th June 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 10.0
- .NET 8.0
- .NET 9.0
- ASP.NET
- Azure Connected Machine Agent
- Azure HorizonDB
- Azure Kubernetes Service
- Azure Local
- Azure Logic Apps
- Azure Machine Learning
- Azure Monitor Agent
- Azure Monitor Agent Metrics Extension
- Azure Orbital Spatio
- Azure Privileged Identity Management (PIM)
- Azure Resource Manager
- Azure SDK
- Azure Stack Edge
- Azure Stack HCI
- Azure Virtual Network Gateway
- Copilot Chat
- Linux kernel - Microsoft MANA Network Driver
- M365 Copilot for Desktop
- Microsoft .NET Framework
- Microsoft 365
- Microsoft 365 Copilot
- Microsoft Authenticator
- Microsoft Bing
- Microsoft Confluence SAML SSO plugin
- Microsoft Data Formulator
- Microsoft Defender for Endpoint for Mac
- Microsoft Dynamics 365
- Microsoft Edge
- Microsoft Entra ID
- Microsoft Excel
- Microsoft Excel 2016
- Microsoft Exchange Online
- Microsoft Exchange Server
- Microsoft Global Secure Access (GSA)
- Microsoft Graph
- Microsoft JIRA SAML SSO plugin
- Microsoft Live Share Canvas SDK
- Microsoft Malware Protection Engine
- Microsoft Office
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office 365
- Microsoft Office LTSC
- Microsoft Outlook for iOS
- Microsoft PC Manager
- Microsoft Planetary Computer Pro (GeoCatalog)
- Microsoft Power Pages
- Microsoft PowerPoint for Android
- Microsoft PowerToys
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft Teams
- Microsoft Visual Studio
- Microsoft Visual Studio 2026
- Microsoft Word
- Microsoft Word 2016
- Nuance PowerScribe 360
- Nuance PowerScribe One
- Office Online Server
- Power Automate for Desktop
- PowerScribe One
- Remote Desktop client
- Visual Studio
- Visual Studio Code
- Windows 10
- Windows 11
- Windows Admin Center
- Windows Admin Center in Azure Portal
- Windows App Client
- Windows Narrator Braille
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 95 | Adobe Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.009]
details...
On 9th June 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Experience Manager (AEM) - version AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) - version 6.5 LTS SP1 and prior
- Adobe Experience Manager (AEM) - version SP24 and prior
- Adobe Experience Manager 6.5 LTS - version SP1 and prior
- Adobe Experience Manager 6.5 - version 6.5.24.0 and prior
- Adobe InDesign - version ID21.3 and prior
- Adobe InDesign - version ID20.5.3 and prior
- Adobe InCopy - version 21.3 and prior
- Adobe InCopy - version 20.5.3 and prior
- Adobe Substance 3D Sampler - version 6.0.0 and prior
- Content Credentials JS SDK - version @contentauth/c2pa-web@0.8.3 and prior
- Content Credentials Rust SDK - version c2pa-v0.85.1 and prior
- Adobe Dreamweaver - version 21.7 and prior
- Adobe Acrobat - version 26.001.21651 and prior
- Adobe Reader - version 26.001.21651 and prior
- Adobe 2024 - version 24.001.30365 and prior
- Adobe ColdFusion 2025 - Update 8 and prior
- Adobe ColdFusion 2023 - Update 19 and prior
- Adobe Format Plugins - version 1.1.52 and prior
- Adobe Campaign Classic - version ACC v7: 7.4.3 build 9394 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 96 | HPE Security Advisory. [Published Date: 2026-06-09]
[Id:2026.06.09.010]
details...
On 9th June 2026, HPE published security advisories to address vulnerabilities in the following products:
- HPE Aruba Networking Management Software (Airwave) - version 8.3.0.6 and prior
- HPE Aruba Networking Private 5G Management Dashboard - all versions
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 97 | Cisco security advisory (2026.06.05.001)- Update 1. [Published Date: 2026-06-09]
[Id:2026.06.09.011]
details...
On 4th June 2026, Cisco published a security advisory to address a vulnerability in the Cisco Catalyst SD-WAN Manager.
Update 1
On 9th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20245 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates:
| Cisco |
| 98 | Cisco Security Advisory (Id:2026.06.03.002) - Update 1 [Published Date: 2026-06-09]
[Id:2026.06.09.012]
details...
On 3rd June 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following:
- Cisco Unified Communications Manager (CM) Release 14 - versions prior to 14SU6
- Cisco Unified Communications Manager (CM) Release 15 - versions prior to 15SU5 (Sep 2026) or COP
- Cisco Unified Communications Manager Session Management Edition (CM SME) release 14 - versions prior to 14SU6
- Cisco Unified Communications Manager Session Management Edition (CM SME) release 15 - versions prior to 15SU5 (Sep 2026) or COP
Cisco has indicated that a proof-of-concept exploit code is available for CVE-2026-20230.
Update 1
On 25 th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20230 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Cisco |
| 99 | IBM Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.001]
details...
Between 1st and 7th June 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Decision Optimization for Cloud Pak for Data – version 5.0 to 5.3.1 - Patch 2 releases
- DevOps Test UI (Test UI) - versions Test UI 11.0 to 11.0.6
- DevOps Test UI (Test UI) - versions Test UI 11.0 to 11.0.7
- FileNet Content Manager - multiple versions
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM App Connect Operator - multiple versions
- IBM Automation Assets in IBM Cloud Pak for Integration (CP4I) - multiple versions
- IBM Big SQL on Cloud Pak for Data - multiple versions
- IBM Bob - versions 1.0.0, 1.0.1 and 1.0.2
- IBM Business Automation Insights - multiple versions
- IBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus - multiple versions
- IBM Enterprise Content Management Text Search - multiple versions
- IBM ICP - Discovery - version 5.0.0 to 5.3.1
- IBM InfoSphere Optim Archive Viewer - versions 11.7.0.0 to 11.7.0.13
- IBM Maximo Application Suite - Visual Inspection Component - multiple versions
- IBM Maximo Application Suite - versions 9.0 and 9.1
- IBM Netezza Appliance - versions 1.0.0.0 and 1.0.0.1
- IBM Observability with Instana (OnPrem) - all versions
- IBM Platform Navigator in IBM Cloud Pak for Integration (CP4I) - multiple versions;
- IBM Security QRadar EDR - versions 3.12 to 3.12.24
- IBM Security SOAR - multiple versions
- IBM Sterling Connect:Direct Web Services - versions 6.3.0 to 6.3.0.18
- IBM Sterling Connect:Direct Web Services - versions 6.4.0 to 6.4.0.7
- IBM Sterling Connect:Direct for Microsoft Windows - versions 6.3.0.0 to 6.3.0.6_iFix050
- IBM Sterling Connect:Direct for Microsoft Windows - versions 6.4.0.0 to 6.4.0.4_iFix021
- IBM Storage Scale - versions 6.0.0.0 to 6.0.0.2
- IBM Storage Scale - versions 5.2.0.0 to 5.2.3.7
- IBM Verify Antenna - versions 25.05.0 to 26.03.0
- IBM Verify Identity Access Container - multiple versions
- IBM Verify Identity Access - multiple versions
- IBM WebSphere Application Server - versions 9.0 and 8.5
- IBM WebSphere Remote Server - versions 8.5, 9.0 and 9.1
- Jazz for Service Management - version 1.1.3 to 1.1.3.27
- Maximo AI Service - version 9.1.0
- QRadar AI Assistant - versions 1.0.0 to 1.5.0
- QRadar Log Source Management App - versions 1.0.0 to 7.0.14
- Rational Functional Tester (RFT) - multiple versions
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 100 | Dell Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.002]
details...
Between 1st and 7th June 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Private Cloud -VMware - versions prior to 01.04.00.00
- PowerSwitch Z9864F-ON - versions prior to v3.5.0
- Dell Automation Platform - versions prior to 2.1.0.0
- Dell VxRail Appliance - versions prior to 8.0.390
Review the following advisories and apply the necessary updates:
| Dell |
| 101 | Ubuntu Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.003]
details...
Between 1st and 7th June 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
- Ubuntu 26.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 102 | Red Hat Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.004]
details...
Between 1st and 7th June 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates.
| Red Hat |
| 103 | Spring Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.005]
details...
On 8th June 2026, Spring published security advisories to address vulnerabilities in Micrometer / Micrometer-core / jetty11 / jetty12 - multiple versions.
Review the provided web links and apply the necessary updates.
| Others |
| 104 | Check Point Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.006]
details...
Between 8th June 2026, Check Point published security advisories to address vulnerabilities in the following products:
- Mobile Access / SSL VPN, Remote Access VPN, Spark Firewall - multiple versions
- Security Gateways, Spark Firewall - multiple versions
Review the following advisories and apply the necessary updates:
| Others |
| 105 | Broadcom VMware Security Advisory. [Published Date: 2026-06-08]
[Id:2026.06.08.007]
details...
8th June 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Cloud Foundation - versions prior to 9.1.0.0
- VMware vSphere Foundation - versions prior to 9.1.0.0
- VMware Cloud Foundation - versions prior to 9.0.2.0 EP2
- VMware vSphere Foundation - versions prior to 9.0.2.0 EP2
- VMware Aria Operations - versions prior to 8.18.7
- VMware Aria Operations - versions prior to 8.18.6
- VMware Cloud Foundation - versions prior to 5.x
- VMware Telco Cloud Platform - versions prior to 5.x
Review the following advisories and apply the necessary updates:
| Broadcom |
| 106 | Cisco Security Advisory. [Published Date: 2026-06-05]
[Id:2026.06.05.001]
details...
On 4th June 2026, Cisco published security advisories to address vulnerabilities in Cisco Catalyst SD-WAN Manager.
Review the following advisories and apply the necessary updates:
| Cisco |
| 107 | SolarWinds Security Advisory (2026.06.04.002) - Update 1. [Published Date: 2026-06-05]
[Id:2026.06.05.002]
details...
Between 2nd and 3rd June 2026, SolarWinds published security advisories to address vulnerabilities in the following products:
- SolarWinds Serv-U - versions prior to 15.5.4 HF1
- SolarWinds Web Help Desk - versions prior to 2026.2
Update 1
On 5th June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-28318 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Solarwinds |
| 108 | Docker Security Advisory. [Published Date: 2026-06-04]
[Id:2026.06.04.001]
details...
On 1st June 2026, Docker published security updates to address a vulnerability in Docker Desktop - versions prior to 4.76.0.
Review the following provided web links and apply the necessary updates:
| Docker |
| 109 | SolarWinds Security Advisory. [Published Date: 2026-06-04]
[Id:2026.06.04.002]
details...
Between 2nd and 3rd June 2026, SolarWinds published security advisories to address vulnerabilities in the following products:
- SolarWinds Serv-U - versions prior to 15.5.4 HF1
- SolarWinds Web Help Desk - versions prior to 2026.2
Review the following provided web links and apply the necessary updates:
| Solarwinds |
| 110 | Google Chrome Security Advisory. [Published Date: 2026-06-03]
[Id:2026.06.03.001]
details...
On 2nd June 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 149.0.7827.53/54 for Windows/Mac, and 149.0.7827.53 for Linux.
Review the Google security bulletins and apply the required updates. | Google |
| 111 | Cisco Security Advisory. [Published Date: 2026-06-03]
[Id:2026.06.03.002]
details...
On 3rd June 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Unified Communications Manager (CM) Release 14 - versions prior to 14SU6
- Cisco Unified Communications Manager (CM) Release 15 - versions prior to 15SU5 (Sep 2026) or COP
- Cisco Unified Communications Manager Session Management Edition (CM SME) release 14 - versions prior to 14SU6
- Cisco Unified Communications Manager Session Management Edition (CM SME) release 15 - versions prior to 15SU5 (Sep 2026) or COP
Cisco has indicated that a proof-of-concept exploit code is available for CVE-2026-20230.
Review the following advisories and apply the necessary updates:
| Cisco |
| 112 | Broadcom VMware Security Advisory. [Published Date: 2026-06-03]
[Id:2026.06.03.003]
details...
2nd June 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire Management Console - versions prior to 1.4.5
- VMware Tanzu Data Lake - versions prior to 4.1.0
- VMware Tanzu for Postgres - versions prior to 18.4.0
- VMware Tanzu for Postgres - versions prior to 17.10.0
- VMware Tanzu for Postgres - versions prior to 16.14.0
- VMware Tanzu for Postgres - versions prior to 15.18.0
- VMware Tanzu for Postgres - versions prior to 14.23.0
Review the following advisories and apply the necessary updates:
| Broadcom |
| 113 | Samba Security Advisory. [Published Date: 2026-06-03]
[Id:2026.06.03.004]
details...
2nd June 2026, Samba published security advisories to address vulnerabilities in the following products:
- Samba: 4.22.x - versions prior to 4.22.10)
- Samba: 4.23.x - versions prior to 4.23.8)
- Samba: 4.24.x - versions prior to 4.24.3)
Review the following advisories and apply the necessary updates:
| Others |
| 114 | Samsung Mobile Security Advisory. [Published Date: 2026-06-02]
[Id:2026.06.02.001]
details...
On 2nd June 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-JUN-2026.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 115 | Android security advisory - June 2026 Monthly Rollup. [Published Date: 2026-06-02]
[Id:2026.06.02.002]
details...
On 1st June 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
The vendor indicates that CVE-2025-48595 may be under limited, targeted exploitation.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 116 | HPE Security Advisory. [Published Date: 2026-06-02]
[Id:2026.06.02.003]
details...
On 1st June 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HP Poly VVX - versions prior to UCS 6.4.8 – Pending
- HP Poly Trio 8300 - versions prior to UCS 8.1.7
- HP Poly Trio 8500 - versions prior to UCS 7.2.8
- HP Poly Trio 8800 - versions prior to UCS 7.2.8
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 117 | JetBrains Security Advisory. [Published Date: 2026-06-02]
[Id:2026.06.02.004]
details...
On 29th May 2026, JetBrains published security advisories to address vulnerabilities in the following products:
- JetBrains IntelliJ IDEA - versions prior to 2026.1.1
- JetBrains TeamCity - versions prior to 2026.1.1 and 2025.11.5
- JetBrains YouTrack - versions prior to 2026.1.13162
Review the JetBrains – Fixed security issues and apply the necessary updates. | Jetbrains |
| 118 | Mozilla Security Advisory. [Published Date: 2026-06-02]
[Id:2026.06.02.005]
details...
On 2nd June 2026, Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 151.0.3.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 119 | HPE Security Advisory. [Published Date: 2026-06-02]
[Id:2026.06.02.006]
details...
On 2nd June 2026, HPE published security advisories to address vulnerabilities in the following products:
- HPE Telco Network Function Virtualization Orchestrator - version 7.6.0 and prior
- HPE Aruba Networking ArubaOS-CX Switches - version 10.16.1000 and prior
- HPE Aruba Networking ArubaOS-CX Switches - version 10.15.0005 and prior
- HPE Aruba Networking ArubaOS-CX Switches - version 10.13.1080 and prior
- HPE Aruba Networking ArubaOS-CX Switches - version 10.16.1000 and prior
Review the provided web link and apply the necessary updates, once available:
| HPE |
| 120 | IBM Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.001]
details...
Between 25th and 31st May 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Aspera Enterprise WebApps - versions 1.0.0 to 1.0.2.1
- IBM Business Automation Workflow containers and traditional - multiple versions
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
- IBM Control Center - multiple versions
- IBM DataStax Enterprise - versions 5.1, 6.7, 6.8 and 6.9
- IBM Edge Application Manager - multiple versions
- IBM Engineering Lifecycle Management - Jazz Foundation - multiple versions
- IBM Library Support for Spring - version 3.3
- IBM License Metric Tool - versions 9.2.0 to 9.2.43
- IBM Maximo Application Suite - Monitor Component - version 9.1.0.0
- IBM Observability with Instana (Agent) - versions Build 1.0.303 to 1.0.318
- IBM Process Mining - versions 2.0.0 to 2.1.1 IF001
- IBM Security SOAR - multiple versions
- IBM Tivoli Application Dependency Discovery Manager - versions 7.3.0.0 to 7.3.0.12
- QRadar Suite Software - versions 1.10.12.0 to 1.11.10.0
- WebSphere Service Registry and Repository - version 8.5
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 121 | Dell Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.002]
details...
Between 25th and 31st May 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- PowerEdge Server Chipset Driver - multiple applications and versions
- Data Lakehouse - versions prior to 1.8.0.0
- Dell Enterprise SONiC Distribution - versions prior to 4.5.2
- Dell Unity - versions prior to 5.5.4
Review the following advisories and apply the necessary updates:
| Dell |
| 122 | Ubuntu Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.003]
details...
Between 25th and 31st May 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 123 | Red Hat Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.004]
details...
Between 25th and 31st May 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 124 | Mozilla Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.005]
details...
On 1st June 2026, Mozilla published security advisories to address vulnerabilities in Firefox for iOS - versions prior to 151.2.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 125 | Ivanti Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.006]
details...
On 1st June 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Ivanti Neurons for ITSM (On-Premises) - version 2025.4 and prior
- Ivanti Neurons for ITSM (Cloud) - version 2026.1 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 126 | Plesk Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.007]
details...
On 27th May 2026, Plesk published a security advisory to address a vulnerability in the following product:
- Plesk for Linux - versions prior to 18.0.75.1
- Plesk for Linux - versions prior to 18.0.76.2
Review the provided web links and apply the necessary updates.
| Others |
| 127 | Oracle security advisory - July 2024 quarterly rollup (2024.07.17.003) - Update 1. [Published Date: 2026-06-01]
[Id:2026.06.01.008]
details...
On 16th July 2024, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Oracle Analytics
- Oracle Communications Applications
- Oracle Communications
- Oracle Financial Services Application
- Oracle Fusion Middleware
- Oracle MySQL
- Oracle Siebel CRM
Update 1
On 1st June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21182 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates:
| Oracle |
| 128 | Qualcomm Security Advisory - June 2026 monthly rollup. [Published Date: 2026-06-01]
[Id:2026.06.01.009]
details...
On 1st June 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin - June and apply the necessary updates. | Qualcomm |
| 129 | Broadcom VMware Security Advisory. [Published Date: 2026-06-01]
[Id:2026.06.01.010]
details...
29th May 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu for Valkey - versions prior to 7.2.13
- VMware Tanzu for Valkey - versions prior to 8.0.9
- VMware Tanzu for Valkey - versions prior to 8.1.7
- VMware Tanzu for Valkey - versions prior to 9.0.4
Review the following advisories and apply the necessary updates:
| Broadcom |
| 130 | Notepad++ Security Advisory. [Published Date: 2026-05-29]
[Id:2026.05.29.001]
details...
On 26th May 2026, Notepad++ released security updates to address Notepad++ - versions prior to v8.9.6.1.
Review the provided web links and apply the necessary updates.
| Others |
| 131 | Microsoft Edge Security Advisory. [Published Date: 2026-05-29]
[Id:2026.05.29.002]
details...
On 28th May 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 148.0.3967.96.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 132 | Oracle Security Advisory. [Published Date: 2026-05-29]
[Id:2026.05.29.003]
details...
On 28th May 2026, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Oracle Communications Unified Assurance - versions 6.1.1 to 7.0.0
- Oracle Database Server - versions 23.4.0 to 23.26.2
- Oracle E-Business Suite - versions 12.2.3 to 12.2.15
- Oracle Hospitality OPERA 5 Property Services - versions 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6 and 5.6.28
- Oracle REST Data Services - versions 24.2.0 to 26.1.0
Review the following Oracle Security Advisory and apply the necessary updates:
| Oracle |
| 133 | Palo Alto Networks security advisory (2026.05.13.006) - Update 1. [Published Date: 2026-05-29]
[Id:2026.05.29.004]
details...
On 13th May 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 - versions prior to 12.1.4-h5
- PAN-OS 12.1 - versions prior to 12.1.7
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
Update 1
On 29th May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0257 to their Known Exploited Vulnerabilities (KEV) Database.
Impacted products for CVE-2026-0257:
- PAN-OS 12.1 - versions prior to 12.1.4-h6
- PAN-OS 12.1 - versions prior to 12.1.7
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
- Prisma Access 11.2.0 - versions prior to 11.2.7-h13
- Prisma Access 10.2.0 - versions prior to 10.2.10-h36
Review the provided web links, perform the suggested mitigations, and apply the necessary updates.
| Palo Alto Networks |
| 134 | Drupal Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.001]
details...
On 27th May 2026, Drupal published security advisories to address vulnerabilities in Drupal AlternativeCommerce (Basket) - versions prior to 2.1.17.
Review the following Drupal Security Advisory and apply the necessary updates:
| Drupal |
| 135 | Veeam Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.002]
details...
On 27th May 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Veeam Backup for AWS 10.1 - versions prior to 10.1.0.40
- Veeam Backup for Google Cloud 7.0.1 - versions prior to 7.0.1.4
- Veeam Backup for Microsoft Azure 8.1 Patch 2 - versions prior to 8.0.236
- Veeam Recovery Orchestrator - versions prior to 13.0.2.27
Review the following advisories and apply the necessary updates:
| Veeam |
| 136 | Zimbra Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.003]
details...
On 27th May 2026, Zimbra published security advisories to address vulnerabilities in Zimbra Daffodil - versions prior to v10.1.17.
Review the following Zimbra Security Advisory and apply the necessary updates:
| Zimbra |
| 137 | Erlang Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.004]
details...
On 27th May 2026, Veeam published security advisories to address vulnerabilities in the following products:
- OTP - versions prior to 29.0.1, 28.5.0.1, 27.3.4.12 and 26.2.5.21
- Public_key (OTP) - versions prior to 1.21.1, 1.20.3.1, 1.17.1.3 and 1.15.1.7
Review the following advisories and apply the necessary updates:
| Others |
| 138 | Tanium Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.005]
details...
On 27th May 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Connect 2024H2 - versions prior to Update 25 (v5.26.191)
- Connect 2025H1 - versions prior to Update 19 (v5.29.237)
- Connect 2025H2 - versions prior to Update 9 (v5.37.140)
Review the following advisories and apply the necessary updates:
| Others |
| 139 | Mitel Security Advisory. [Published Date: 2026-05-28]
[Id:2026.05.28.006]
details...
On 28th May 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Mitel Standard Linux - versions 12.x and prior
- MiVoice 5000 - versions 8.x and prior
- MiVoice Border Gateway - versions 11.6.x, 12.x and prior
- MiVoice Business - versions 10.1.x to 10.5.x
- MiVoice Business Solution Virtual Instance - versions 2.x and prior
- MiVoice MX-ONE - versions 7.3 to 7.8 and version 8.x and prior
- OpenScape 4000 - versions V10 R1.x, V11 R0.22, V11 R1.26 and prior
- OpenScape Branch - versions V10.3 and V11.x and prior
- OpenScape SBC - versions V10.3 and V11.x and prior
- OpenScape Voice Server - versions V9R3 JITC, V10, V11 and prior
- MiCollab - versions 10.x and prior
- MiCloud Management Portal - versions 6.3.x and prior
- Mitel Open Integration Gateway - versions 4.3.x and prior
- Mitel Performance Analytics MPA - versions 3.6x and prior
- OpenScape Contact Media Service (used by Mitel CX and OpenScape Contact Center) - versions V12Rx and prior
- Mitel SIP DECT - versions 9.1, 9.2, 10.0, 10.1 and prior
- OpenScape Xpert Clients 6010P - versions V7, V8 and prior
Review the following advisories and apply the necessary updates:
| Mitel |
| 140 | Hitachi Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.001]
details...
On 26th May 2026, Hitachi published security advisories to address vulnerabilities in the following products:
- Cosminexus Developer's Kit for Java
- Hitachi Automation Director - all versions
- Hitachi Configuration Manager - all versions
- Hitachi Compute Systems Manager - all versions
- Hitachi Developer's Kit for Java
- Hitachi Device Manager - all versions
- Hitachi Dynamic Link Manager - versions prior to 9.0.0-00
- Hitachi Global Link Manager - all versions
- Hitachi Infrastructure Analytics Advisor (English version) - multiple components and versions
- Hitachi Ops Center Administrator (English version) - all versions
- Hitachi Ops Center Analyzer (English Version) - multiple components and versions
- Hitachi Ops Center Analyzer Common Services - all versions
- Hitachi Ops Center Analyzer Viewpoint (English version) - versions 10.8.1-00 to versions prior to 11.0.8-00
- Hitachi Ops Center API Configuration Manager - all versions
- Hitachi Ops Center Automator - all versions
- Hitachi Ops Center Viewpoint (Japanese version) - all versions
- Hitachi Replication Manager - versions prior to 9.0.0-00
- Hitachi Tiered Storage Manager - all versions
- Hitachi Tuning Manager - all versions
Review the following advisories and apply the necessary updates:
| Others |
| 141 | GitHub Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.002]
details...
On 26th May 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.20.x prior to 3.20.3
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.7
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.10
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.16
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.19
Review the following advisories and apply the necessary updates:
| Github |
| 142 | Microsoft Security Advisory - May 2026 monthly rollup - Update 1. [Published Date: 2026-05-27]
[Id:2026.05.27.003]
details...
On 12th May 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure AI Foundry
- Azure Cloud Shell
- Azure Connected Machine Agent
- Azure DevOps
- Azure Logic Apps
- Azure Machine Learning
- Azure Managed Instance for Apache Cassandra
- Azure Monitor Action Group notification system
- Azure Monitor Agent
- Azure Monitor Agent Metrics Extension
- Azure SDK for Java
- Copilot Chat (Microsoft Edge)
- Dynamics 365 Customer Insights
- M365 Copilot for Desktop
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5 AND 4.7.2
- Microsoft .NET Framework 3.5 AND 4.8
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft .NET Framework 4.8
- Microsoft 365
- Microsoft 365 Copilot for Android
- Microsoft 365 Copilot's Business Chat
- Microsoft Confluence SAML SSO plugin
- Microsoft Data Formulator
- Microsoft Dynamics 365
- Microsoft Dynamics 365 Business Central
- Microsoft Edge (Chromium-based)
- Microsoft Enterprise Security Token Service (ESTS)
- Microsoft Excel 2016
- Microsoft Excel for Android
- Microsoft JIRA SAML SSO plugin
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Office for Android
- Microsoft Outlook for iOS
- Microsoft Partner Center
- Microsoft PowerPoint for Android
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Teams
- Microsoft Teams for Android
- Microsoft Visual Studio 2017
- Microsoft Visual Studio 2019
- Microsoft Visual Studio 2022
- Microsoft Visual Studio 2026
- Microsoft Word 2016
- Microsoft Word for Android
- Office Online Server
- Power Automate for Desktop
- Visual Studio Code
- Visual Studio Code - Live Preview extension
- Windows 10
- Windows 11
- Windows Admin Center
- Windows Admin Center in Azure Portal
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2025
Update 1
On 21st May 2026, Microsoft published an out-of-band (OOB) security update to address CVE-2026-45659, an additional vulnerability impacting Microsoft SharePoint Enterprise Server 2019, Microsoft SharePoint Server 2016 and Microsoft SharePoint Server Subscription Edition. The CVE was inadvertently omitted from the May 2026 Security Updates.
Review the provided web links and apply the necessary updates.
| Microsoft |
| 143 | Veeam Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.004]
details...
On 27th May 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Veeam Backup & Replication - 13 versions prior to 13.0.2.29
- Veeam ONE - versions prior to 13.0.2.6723
- Veeam Service Provider Console - 9.2 versions prior to 9.2.1.33875
Review the following advisories and apply the necessary updates:
| Veeam |
| 144 | Jenkins Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.005]
details...
On 27th May 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Active Directory Plugin - version 2.4.1 and prior
- AppSpider Plugin - version 1.0.17 and prior
- Bitbucket OAuth Plugin - version 0.17 and prior
- buildgraph-view Plugin - version 1.8 and prior
- Credentials Binding Plugin - version 720.v3f6decef43ea_ and prior
- Email Extension Plugin - version 1933.v45cec755423f and prior
- GitHub Integration Plugin - version 0.7.3 and prior
- Job Import Plugin - version 143.v044a_2e819b_27 and prior
- LDAP Plugin - version 807.v7d7de30930cf and prior
- Pipeline: Groovy Libraries Plugin - version 797.v90ea_a_9b_e45a_0 and prior
- Multijob Plugin - version 662.vd2e0001f6b_b_d and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 145 | GitLab Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.006]
details...
On 27th May 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 19.0.1, 18.11.4, 18.10.7
- GitLab Enterprise Edition (EE) - versions prior to 19.0.1, 18.11.4, 18.10.7
Review the following advisories and apply the necessary updates:
| Gitlab |
| 146 | Google Chrome Security Advisory. [Published Date: 2026-05-27]
[Id:2026.05.27.007]
details...
On 27th May 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 148.0.7778.216/217 for Windows, 148.0.7778.215/216 Mac, and 148.0.7778.215 for Linux.
Review the Google security bulletins and apply the required updates. | Google |
| 147 | IBM Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.001]
details...
Between 18th and 24th May 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- API Connect - versions V10.0.8.0 to 10.0.8.8
- Analyst Workflow - versions 2.0.0 to 3.0.0
- Data Cataloging - versions 2.1.8 to 2.5.1
- DevOps Test Performance - versions 11.0 to 11.0.6
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.25
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.7.1
- IBM App Connect Operator - multiple versions
- IBM App Connect for Manufacturing - versions 13.0.0.0 to 13.0.1.0
- IBM Aspera High-Speed Transfer Endpoint - versions 3.7.4 to 4.4.7 Fix Pack 1
- IBM Aspera High-Speed Transfer Server - versions 3.7.4 to 4.4.7 Fix Pack 1
- IBM Cognos Analytics Mobile - versions 1.1.0 to 1.1.25
- IBM Data Studio client - version 4.2.2
- IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - multiple versions
- IBM DevOps Code ClearCase - version 11.0
- IBM Fusion HCI - versions 2.10.0 to 2.12.1
- IBM Fusion - versions 2.9.0 to 2.12.1
- IBM Guardium Data Protection - versions 12.0, 12.1 and 12.2
- IBM Library Support for Spring - versions 3.2 to 3.2.25
- IBM Library Support for Spring - version 3.4 to 3.4.16
- IBM MQ Agent - version v1.0.0
- IBM Rational ClearCase - version 10.0.0
- IBM Rational ClearCase - version 9.1
- IBM SPSS Analytic Server - multiple versions
- IBM Security Verify Access OIDC Provider - versions 22.09 to 26.03
- IBM Sterling Transformation Extender - versions 11.0.1.1 and 11.0.2.0
- IBM Storage Defender - Data Protect - versions 2.0.0 to 2.1.3
- IBM Storage Defender - Resiliency Service - versions 2.0.0 to 2.1.3
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.3.1
- IBM voice-gateway/media-relay - version 1.0.8.31
- IBM voice-gateway/sip-orchestrator - version 1.0.8.25
- IBM voice-gateway/sms-gateway - version 1.0.8.19
- IBM voice-gateway/stt-adapter - version 1.0.8.20
- IBM voice-gateway/tts-adapter - version 1.0.8.20
- IBM watsonx Code Assistant On Prem - multiple versions
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 5.0.0 to 5.3.1
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.9.0
- Langflow OSS - versions 1.0.0 to 1.9.1
- Rational Business Developer (RBD) - versions 9.6 to 9.6.1.1
- Rational Business Developer (RBD) - versions 9.7 to 9.7.1
- Rational Performance Tester - multiple versions
- SPSS Collaboration and Deployment Services - multiple versions
- z/Transaction Processing Facility - version 1.1
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 148 | Roundcube Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.002]
details...
On 24th May 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Roundcube Webmail - versions prior to 1.6.16
- Roundcube Webmail - versions prior to 1.7.1
Review the following advisories and apply the necessary updates:
| Roundcube |
| 149 | Dell Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.003]
details...
Between 18th and 24th May 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Networking OS10 - versions prior to 10.5.6.13
- SmartFabric Storage Software - versions prior to 1.4.5
- Dell Container Storage Modules - versions 1.6.0 to 1.16.3
- Dell Container Storage Modules - versions 1.11.0 to 1.16.3
Review the following advisories and apply the necessary updates:
| Dell |
| 150 | Ubuntu Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.004]
details...
Between 18th and 24th May 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 151 | Red Hat Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.005]
details...
Between 18th and 24th May 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 152 | cPanel Security Advisory. [Published Date: 2026-05-25]
[Id:2026.05.25.006]
details...
On 22nd May 2026, cPanel published security advisories to address vulnerabilities in the following products:
- ea-nginx - version v1.31.0
- ea-nginx-passenger - version v6.1.2
Review the following advisories and apply the necessary updates:
| Others |
| 153 | TP-Link Security Advisory. [Published Date: 2026-05-24]
[Id:2026.05.24.001]
details...
On 22nd May 2026, TP-Link published security advisories to address vulnerabilities in the following products:
- Model RE305 prior to V1_20260515
- Model RE360 prior to V1_20260515
- Model RE580D prior to V1_20260515
- Model RE650 prior to V1_20260429
- Model TL-WA860RE prior to V4_20260515
Review the following advisories and apply the necessary updates:
| Others |
| 154 | Microsoft Edge Security Advisory. [Published Date: 2026-05-22]
[Id:2026.05.22.001]
details...
On 21st May 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 148.0.3967.83.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 155 | cPanel Security Advisory. [Published Date: 2026-05-22]
[Id:2026.05.22.002]
details...
On 21st May 2026, cPanel published security advisories to address vulnerabilities in the following products:
- cPanel & WebHost Manager (WHM) software - version 11.126.0.63 and later, version 11.134.0.30 and later, version 11.136.0.14 and later, WP Squared 11.138.1.1 and later
- EasyApache4 - versions prior to v25.62
Review the following advisories and apply the necessary updates:
| Others |
| 156 | Drupal security advisory - Update 2. [Published Date: 2026-05-22]
[Id:2026.05.22.003]
details...
On 20th May 2026, Drupal published security advisories to address vulnerabilities in Drupal Core - multiple versions.
Update 1
Drupal has indicated that exploit attempts for CVE-2026-9082 are now being detected in the wild.
Update 2
On 22nd May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-9082 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates or perform the suggested mitigations.
| Drupal |
| 157 | F5 Security Advisory. [Published Date: 2026-05-22]
[Id:2026.05.22.004]
details...
On 22nd May 2026, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- NGINX Plus - multiple versions
- NGINX Open Source - multiple versions
- NGINX Instance Manager - versions 2.17.0 to 2.22.0
- F5 WAF for NGINX - versions 5.9.0 to 5.13.0
- NGINX App Protect WAF - multiple versions
- F5 DoS for NGINX - version 4.9.0
- NGINX App Protect DoS - versions 4.3.0 to 4.7.0
- NGINX Gateway Fabric - multiple versions
- NGINX Ingress Controller - multiple versions
Review the following F5 Security Advisory and apply the necessary updates.
| F5 |
| 158 | HPE Security Advisory. [Published Date: 2026-05-22]
[Id:2026.05.22.005]
details...
On 22nd May 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Universal SLA Management - version 4.6 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 159 | Trend Micro Security Advisory. [Published Date: 2026-05-21]
[Id:2026.05.21.001]
details...
On 21st May 2026, Trend Micro published a security advisory to address vulnerabilities in the following products:
- Apex One (on-premise) - server/agent builds prior to 2019 (on-prem) build 17079
- Apex One as a service - SaaS
- Trend Vision One Endpoint - SEP - agent builds prior to 14.0.20731
Review the following advisories and apply the necessary updates:
| Trendmicro |
| 160 | FreeBSD Security Advisory. [Published Date: 2026-05-21]
[Id:2026.05.21.002]
details...
On 21st May 2026, FreeBSD published security advisories addressing vulnerabilities in all supported versions.
Review the FreeBSD Security Advisories and apply the necessary updates.
| Others |
| 161 | Trend Micro Security Advisory - Update 1. [Published Date: 2026-05-21]
[Id:2026.05.21.003]
details...
On 21st May 2026, Trend Micro published a security advisory to address vulnerabilities in the following products:
- Apex One (on-premise) - server/agent builds prior to 2019 (on-prem) build 17079
- Apex One as a service - SaaS
- Trend Vision One Endpoint - SEP - agent builds prior to 14.0.20731
Update 1
On 21st May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-34926 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Trendmicro |
| 162 | Splunk Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.001]
details...
On 20th May 2026, Splunk published a security update to address vulnerabilities in the following products.
- Splunk User Behavior Analytics - versions prior to 5.4.5
- Splunk AppDynamics Machine Agent - versions prior to 26.4.0
- Splunk AppDynamics Java Agent - versions prior to 26.4.0
- Splunk AppDynamics Private Synthetic Agent - versions prior to 26.4.0
- Splunk AppDynamics Python Agent - versions prior to 26.4.1
- Splunk AppDynamics Cluster Agent - versions prior to 26.4.0
- Splunk AppDynamics Database Agent - versions prior to 26.4.0
- Splunk AppDynamics Analytics Agent - versions prior to 26.4.0
- Splunk AppDynamics Apache Web Server Agent - versions prior to 25.11.1
- Splunk Universal Forwarder - versions 9.4.0 to 9.4.10
- Splunk Enterprise - multiple versions and platforms
- Splunk Cloud Platform - multiple versions and platforms
- Splunk AI Toolkit - versions prior to 5.7.3
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 163 | Drupal Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.002]
details...
On 20th May 2026, Drupal published security advisories to address vulnerabilities in Drupal Core - multiple versions.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 164 | ISC BIND Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.003]
details...
On 20th May 2026, ISC published security advisories to address vulnerabilities in the following products:
- ISC BIND 9 - versions 9.0.0 to 9.16.50
- ISC BIND 9 - versions 9.18.0 to 9.18.48
- ISC BIND 9 - versions 9.20.0 to 9.20.22
- ISC BIND 9 - versions 9.21.0 to 9.21.21
- BIND Supported Preview Edition - versions 9.9.3-S1 to 9.16.50-S1
- BIND Supported Preview Edition - versions 9.18.11-S1 to 9.18.48-S1
- BIND Supported Preview Edition - versions 9.20.9-S1 to 9.20.22-S1
Review the following advisories and apply the necessary updates:
| ISC |
| 165 | Microsoft Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.004]
details...
On 19th May 2026, Microsoft published a security advisory to address a critical vulnerability in the following products:
- Microsoft Azure Local
- Microsoft Azure Resource Manager
- Microsoft Azure Portal Windows Admin Center
- Microsoft Bitlocker
- Microsoft Malware Protection Engine - versions prior to 1.1.26040.8
- Microsoft Defender - versions prior to 4.18.26040.7
On 20th May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-41091 and CVE-2026-45498 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following provided web links and apply the necessary updates when available:
| Microsoft |
| 166 | cPanel Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.005]
details...
On 19th May 2026, cPanel published security advisories to address vulnerabilities in cPanel & WebHost Manager (WHM) software - version 11.86.0.45, 11.94.0.32, 11.102.0.43, 11.110.0.120 (cl6110), 11.110.0.121, 11.118.0.68, 11.124.0.41, 11.126.0.62, 11.130.0.26, 11.132.0.35, 11.134.0.29, 11.136.0.13, WP Squared 11.136.1.16 and prior.
Review the following advisories and apply the necessary updates:
| Others |
| 167 | HPE Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.006]
details...
On 19th April 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Aruba Networking Management Software (Airwave) – version 8.3.0.6 and prior
- HPE Aruba Networking AOS-CX - multiple versions
- HPE Aruba Networking EdgeConnect Orchestrator - all versions
- HPE Aruba Networking Analytics and Location Engine (ALE) - all versions
- HPE Aruba Networking Meridian Asset Tracking - all versions
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 168 | Google Chrome Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.007]
details...
On 19th May 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 148.0.7778.178/179 (Windows/Mac) and 148.0.7778.178 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 169 | F5 Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.008]
details...
On 19th May 2026, F5 published a security advisory to address a critical vulnerability in the NGINX JavaScript (njs) - versions 0.9.4 to 0.9.8.
Review the following F5 Security Advisory and apply the necessary updates
| F5 |
| 170 | FreePBX Security Advisory. [Published Date: 2026-05-20]
[Id:2026.05.20.009]
details...
On 19th May 2026, FreePBX published security advisories to address vulnerabilities in the following products:
- FreePBX Security-Reporting cdr (FreePBX 16) - versions 16.0.50 and prior
- FreePBX Security-Reporting cdr (FreePBX 17) - versions 17.0.11 and prior
- FreePBX Security-Reporting dashboard (FreePBX 16) - versions 16.0.22 and prior
- FreePBX Security-Reporting dashboard (FreePBX 17) - versions 17.0.5 and prior
Review the following advisories and apply the necessary updates:
| FreePBX |
| 171 | Microsoft Edge Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.001]
details...
On 15th May 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 148.0.3967.70.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 172 | HPE Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.002]
details...
On 18th May 2026, HPE published a security advisory to address vulnerabilities in the HPE Unified OSS Console (UOC) - version 3.1.20 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 173 | Mozilla Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.003]
details...
On 19th May 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 151
- Firefox ESR - versions prior to 115.36
- Firefox ESR - versions prior to 140.11
Review the following advisories and apply the necessary updates:
| Mozilla |
| 174 | IBM Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.004]
details...
Between 11th and 17th May 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Robotic Process Automation for Cloud Pak - versions 23.0.0 to 23.0.20.5
- IBM Robotic Process Automation for Cloud Pak - versions 30.0.0 to 30.0.1
- IBM Operator for Apache Flink - versions 1.0.0 to 1.5.1
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.7.1
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.25
- ICP Discovery - versions 5.0.0 to 5.3.1
- IBM Operational Decision Manager - multiple versions
- IBM Cloudera Data Platform Private Could Base - versions 7.1.9, 7.3.1 and 7.3.2
- IBM Data Virtualization on Cloud Pak for Data - multiple versions
- IBM Fusion - versions 2.9.0 to 2.12.1
- IBM Fusion HCI - versions 2.10.0 to 2.12.1
- Content-Aware Storage - versions 1.1.2 to 1.1.3
- IBM Engineering AI Hub - versions 1.0.0 and 1.1.0
- IBM Integration Bus for z/OS - versions 10.1.0.0 to 10.1.0.7
- IBM MQ Operator - multiple versions and models
- IBM supplied MQ Advanced container images - multiple versions and models
- IBM Open SDK for Rust on AIX - versions 1.90.0.0, 1.90.0.1, 1.92.0.0 and 1.92.0.1
- IBM Watson Knowledge Catalog on prem - versions 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1.0, 5.1.1, 5.1.2 and 5.1.3
- IBM Watson Query on Cloud Pak for Data - version 2.2
- IBM Big SQL on Cloud Pak for data - multiple versions
- Platform Navigator in IBM Cloud Pak for Integration (CP4I) - multiple versions
- Automation Assets in IBM Cloud Pak for Integration (CP4I) - multiple versions
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 175 | Dell Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.005]
details...
Between 11th and 17th May 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Enterprise Sonic Distribution - versions prior to 4.5.3
- Dell Live Optics Collector) - versions prior to 27.1.10.1
- Intel 800 Series Ethernet Adapters - versions prior to 30.5.0.13
- Dell PowerEdge with AMD Graphics - multiple models and versions
- PowerScale InsightIQ - versions 5.0.0 to 6.2.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 176 | Red Hat Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.006]
details...
Between 11th and 17th May 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 177 | Ubuntu Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.007]
details...
Between 11th and 17th May 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 178 | Atlassian Security Advisory. [Published Date: 2026-05-19]
[Id:2026.05.19.008]
details...
On 19th May 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Fisheye/Crucible - versions 4.9.0 to 4.9.9
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 179 | Microsoft Security Advisory [Published Date: 2026-05-15]
[Id:2026.05.15.001]
details...
On 14th May 2026, Microsoft published a security advisory to address a critical vulnerability in the following products:
- Microsoft Exchange Server 2016 on premises versions (any update level)
- Microsoft Exchange Server 2019 on premises versions (any update level)
- Exchange Server Subscription Edition (SE) on premises versions (any update level)
Microsoft is aware of limited exploitation of CVE-2026-42897.
Review the following provided web links and apply the necessary updates when available
| Microsoft |
| 180 | FreePBX Security Advisory. [Published Date: 2026-05-15]
[Id:2026.05.15.002]
details...
On 15th May 2026, FreePBX published security advisories to address vulnerabilities in the following products:
- FreePBX Security-Reporting userman (FreePBX 16) - versions 16.0.45 and prior
- FreePBX Security-Reporting userman (FreePBX 17) - versions 17.0.7 and prior
Review the following advisories and apply the necessary updates:
| FreePBX |
| 181 | GitLab security advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.001]
details...
On 13th May 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.11.3, 18.10.6, and 18.9.7
- GitLab Enterprise Edition (EE) - versions prior to 18.11.3, 18.10.6, and 18.9.7
Review the following advisories and apply the necessary updates:
| Gitlab |
| 182 | MongoDB Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.002]
details...
| MongoDB |
| 183 | Broadcom VMware Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.003]
details...
On 14 th May 2026, VMware published security advisories to address vulnerabilities in VMware Fusion - versions prior to 26H1.
Review the following advisories and apply the necessary updates:
| Broadcom |
| 184 | PostgreSQL Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.004]
details...
On 14th May 2026, PostgreSQL published security advisories to address vulnerabilities in the following products:
- PostgreSQL - 14.x versions prior to 14.23
- PostgreSQL - 15.x versions prior to 15.18
- PostgreSQL - 16.x versions prior to 16.14
- PostgreSQL - 17.x versions prior to 17.10
- PostgreSQL - 18.x versions prior to 18.4
Review the following advisories and apply the necessary updates:
| Postgresql |
| 185 | Cisco Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.005]
details...
On 14th May 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Catalyst SD-WAN Release - versions 20.9 and prior
- Cisco Catalyst SD-WAN Release - versions 20.10 and prior
- Cisco Catalyst SD-WAN Release - versions 20.11 and prior
- Cisco Catalyst SD-WAN Release - versions 20.12 and prior
- Cisco Catalyst SD-WAN Release - versions 20.13 and prior
- Cisco Catalyst SD-WAN Release - versions 20.14 and prior
- Cisco Catalyst SD-WAN Release - versions 20.15 and prior
- Cisco Catalyst SD-WAN Release - versions 20.16 and prior
- Cisco Catalyst SD-WAN Release - versions 20.18 and prior
- Cisco Catalyst SD-WAN Release - versions 26.1 and prior
Cisco is aware of limited exploitation of CVE-2026-20182.
On 14 th May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20182 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following advisories and apply the necessary updates:
| Cisco |
| 186 | Tenable Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.006]
details...
On 14th May 2026, Tenable released security updates to address vulnerabilities in Tenable Network Monitor - versions prior to 6.5.4.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 187 | Cisco Security Advisory. [Published Date: 2026-05-14]
[Id:2026.05.14.007]
details...
On 14th May 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Secure Workload - version 3.9 and prior
- Cisco Secure Workload - versions prior to 3.10.8.3
- Cisco Secure Workload - versions prior to 4.0.3.17
Review the following advisories and apply the necessary updates:
| Cisco |
| 188 | HPE Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.001]
details...
On 12th April 2026, HPE published a security advisory to address vulnerabilities in the following products:
- ArubaOS AOS-10.8.x.x - version 10.8.0.0 and prior
- ArubaOS AOS-10.7.x.x - version 10.7.2.2 and prior
- ArubaOS AOS-10.4.x.x - version 10.4.1.10 and prior
- ArubaOS AOS-8.13.x.x - version 8.13.1.1 and prior
- ArubaOS AOS-8.12.x.x - version 8.12.0.6 and prior
- ArubaOS AOS-8.10.x.x - version 8.10.0.21 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 189 | Google Chrome Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.002]
details...
On 12th May 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 148.0.7778.167/168 (Windows/Mac) and 148.0.7778.167 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 190 | n8n Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.003]
details...
On 13th May 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (Pagination Prototype Pollution) - multiple versions
- n8n (Dynamic Credential OAuth Endpoints) - multiple versions
- n8n (Source Control) - multiple versions
- n8n (XML Node Prototype Pollution) - multiple versions
- n8n (Git Node) - multiple versions
Review the provided n8n Security and apply the necessary updates. | n8n |
| 191 | Exim Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.004]
details...
On 12th May 2026, Intel published security advisories to address vulnerabilities in Exim - version 4.97 to 4.99.2
Review the following advisories and apply the necessary updates:
| Others |
| 192 | F5 Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.005]
details...
On 13th May 2026, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- BIG-IP (all modules) - multiple versions
- BIG-IP APM - multiple versions
- BIG-IP Advanced WAF/ASM - multiple versions
- BIG-IP BIG-IP Advanced WAF/ASM and BIG-IP DDoS Hybrid Defender - multiple versions
- BIG-IP Next CNF - multiple versions
- BIG-IP Next CNF - versions 2.0.0 to 2.0.2, versions 1.1.0 to 1.4.0
- BIG-IP Next CNF - versions 2.0.0 to 2.2.1, versions 1.1.0 to 1.4.1
- BIG-IP Next SPK - versions 2.0.0 to 2.0.2, versions 1.7.0 to 1.7.15
- BIG-IP Next SPK - versions 2.0.0 to 2.0.2, versions 1.7.0 to 1.7.16
- BIG-IP Next SPK - versions 2.0.0 to 2.0.3, versions 1.7.0 to 1.9.2
- BIG-IP Next for Kubernetes - version 2.0.0
- BIG-IP Next for Kubernetes - versions 2.0.0 to 2.1.0
- BIG-IP Next for Kubernetes - versions 2.0.0 to 2.1.1
- BIG-IP PEM - multiple versions
- BIG-IQ Centralized Management - version 8.4.0
- F5 DoS for NGINX - version 4.8.0
- F5 WAF for NGINX - versions 5.9.0 to 5.12.1
- NGINX App Protect DoS - versions 4.3.0 to 4.7.0
- NGINX App Protect WAF - versions 5.1.0 to 5.8.0, versions 4.9.0 to 4.16.0
- NGINX Gateway Fabric - versions 2.0.0 to 2.5.1, versions 1.3.0 to 1.6.2
- NGINX Ingress Controller - multiple versions
- NGINX Instance Manager - versions 2.16.0 to 2.21.1
- NGINX Open Source - versions 1.0.0 to 1.30.0, versions 0.6.27 to 0.9.7
- NGINX Plus - versions R32 to R36
Review the following F5 Security Advisory and apply the necessary updates.
| F5 |
| 193 | Palo Alto Networks Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.006]
details...
On 13th May 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 - versions prior to 12.1.4-h5
- PAN-OS 12.1 - versions prior to 12.1.7
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 194 | Drupal Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.007]
details...
On 13th May 2026, Drupal published security advisories to address vulnerabilities in Date iCal - versions prior to 4.0.15.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 195 | cPanel Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.008]
details...
On 13th May 2026, cPanel published security advisories to address vulnerabilities in cPanel & WebHost Manager (WHM) software – versions prior to 11.86.0.44, 11.94.0.31, 11.102.0.42, 11.110.0.118, 11.118.0.67, 11.124.0.38, 11.126.0.59, 11.130.0.23, 11.132.0.32, 11.134.0.26, 11.136.0.10 and WP Squared 11.136.1.12.
Review the cPanel Security Advisory and apply the necessary updates. | Others |
| 196 | HPE Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.009]
details...
On 12th May 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Intelligent Assurance - version 4.2.14.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 197 | Apple Security Advisory. [Published Date: 2026-05-13]
[Id:2026.05.13.010]
details...
On 13th May 2026, Apple published a security update to address vulnerabilities in Safari - versions prior to 26.5.
Review the provided web links and apply the necessary updates.
| Apple |
| 198 | SAP security advisory - May 2026 Monthly Rollup. [Published Date: 2026-05-12]
[Id:2026.05.12.001]
details...
On 12th May 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP S/4HANA (SAP Enterprise Search for ABAP) - versions SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP Commerce cloud - versions HY_COM 2205, COM_CLOUD 2211 and 2211-JDK21
- SAP Forecasting and Replenishment - versions SCM 702, 712, 713 and 714
- SAP NetWeaver Application Server for ABAP and ABAP Platform – versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP S/4HANA Condition Maintenance - versions S4CORE 102, 103, 104, 105, 106, 107, 108 and 109
- Business Server Pages Application (TAF_APPLAUNCHER) - versions ST-PI 740 and 758
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
- SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard) - versions SEM-BW 605, 700, 736, 746, 747, 748, 749 and 800
- SAP Commerce Cloud (Apache Log4j) - versions HY_COM 2205, COM_CLOUD 2211 and 2211-JDK21
- SAPUI5 (Search UI) - versions SAPUI5 1.108, 1.120, 1.136, 1.142, 1.71, 1.84 and 1.96
- SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages) - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816 and SAP_BASIS 918
- SAP Financial Consolidation - version FINANCE 1010
- SAP Incentive and Commission Management - versions SAP_APPL 618, S4CORE 102, 103, 104, 105, 106, 107, 108, 109, EA-APPL 600, 604, 605, 606 and 617
- SAP Application Server ABAP for SAP NetWeaver and ABAP Platform - versions SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP HANA Deployment Infrastructure (HDI) deploy library - version XS_HDI_DEPLOYER 1.00
Review the SAP Security Patch Day - May 2026 and apply the necessary updates. | SAP |
| 199 | Ivanti Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.002]
details...
On 12th May 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Ivanti Xtraction - version 2026.1 and prior
- Ivanti Endpoint Manager (EPM) - version 2024 SU5 and prior
- Ivanti Virtual Traffic Manager (vTM) - version 22.9r3 and prior
- Ivanti Secure Access Client (Windows) - version 22.8R5 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 200 | Mozilla Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.003]
details...
On 12th May 2026, Mozilla published security advisories to address vulnerabilities in the Firefox - versions prior to 150.0.3
Review the following advisories and apply the necessary updates:
| Mozilla |
| 201 | Adobe Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.004]
details...
On 12th May 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Premiere - version 26.0.2 and prior
- Adobe Premiere Pro - version 25.6.4 and prior
- Adobe Media Encoder - version 25.6.4 and prior, version 26.0.2 and prior
- Adobe After Effects - version 25.6.4 and prior, version 26.0 and prior
- Adobe Commerce - multiple versions
- Adobe Commerce B2B - multiple versions
- Magento Open Source - multiple versions
- Adobe Connect Desktop Application - version 2025.9.15 (Windows) and version 2025.8.157 (macOS)
- Illustrator 2025 - version 29.8.6 and prior
- Illustrator 2026 - version 30.3 and prior
- Adobe Substance 3D Designer - version 15.1.0 and prior
- Content Authenticity JS SDK - version @contentauth/c2pa-web@0.7.0
- Content Authenticity Rust SDK - version c2pa-v0.78.2
- Adobe Substance 3D Sampler - version 5.1.3 and prior
- Adobe Substance 3D Painter - version 12.0.2 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 202 | Intel Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.005]
details...
On 12th May 2026, Intel published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Display Virtualization for Windows OS driver software - versions prior to 2119
- Intel EMA software - versions prior to 1.14.5
- AI Playground software - versions prior to 3.0.0 alpha
- Intel Vision software - all versions
Review the following advisories and apply the necessary updates:
| Intel |
| 203 | Fortinet Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.006]
details...
On 12th May 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiAuthenticator 8.0 - version 8.0.2
- FortiAuthenticator 8.0 - version 8.0.0
- FortiAuthenticator 6.6 - versions 6.6.0 to 6.6.8
- FortiAuthenticator 6.5 - versions 6.5.0 to 6.5.6
- FortiOS 7.6 - versions 7.6.0 to 7.6.3
- FortiOS 7.4 - versions 7.4.0 to 7.4.8
- FortiOS 7.2 - versions 7.2.0 to 7.2.11
- FortiSandbox 5.0 - versions 5.0.0 to 5.0.1
- FortiSandbox 4.4 - versions 4.4.0 to 4.4.8
- FortiSandbox Cloud 24 - all versions
- FortiSandbox Cloud 23 - all versions
- FortiSandbox Cloud 5.0 - versions 5.0.2 to 5.0.5
- FortiSandbox PaaS 23.4 - 23.4 all versions
- FortiSandbox PaaS 23.3 - 23.3 all versions
- FortiSandbox PaaS 23.1 - 23.1 all versions
- FortiSandbox PaaS 22.2 - 22.2 all versions
- FortiSandbox PaaS 22.1 - 22.1 all versions
- FortiSandbox PaaS 21.4 - 21.4 all versions
- FortiSandbox PaaS 21.3 - 21.3 all versions
- FortiSandbox PaaS 5.0 - versions 5.0.0 to 5.0.1
- FortiSandbox PaaS 4.4 - versions 4.4.5 to 4.4.8
Review the following advisories and apply the necessary updates:
| Fortinet |
| 204 | AMD Security Advisory. [Published Date: 2026-05-12]
[Id:2026.05.12.007]
details...
On 12th May 2026, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided AMD Product Security and perform the suggested mitigations. | AMD |
| 205 | Microsoft Security Advisory - May 2026 monthly rollup. [Published Date: 2026-05-12]
[Id:2026.05.12.008]
details...
On 12th May 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure AI Foundry
- Azure Cloud Shell
- Azure Connected Machine Agent
- Azure DevOps
- Azure Logic Apps
- Azure Machine Learning
- Azure Managed Instance for Apache Cassandra
- Azure Monitor Action Group notification system
- Azure Monitor Agent
- Azure Monitor Agent Metrics Extension
- Azure SDK for Java
- Copilot Chat (Microsoft Edge)
- Dynamics 365 Customer Insights
- M365 Copilot for Desktop
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5 AND 4.7.2
- Microsoft .NET Framework 3.5 AND 4.8
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft .NET Framework 4.8
- Microsoft 365
- Microsoft 365 Copilot for Android
- Microsoft 365 Copilot's Business Chat
- Microsoft Confluence SAML SSO plugin
- Microsoft Data Formulator
- Microsoft Dynamics 365
- Microsoft Dynamics 365 Business Central
- Microsoft Edge (Chromium-based)
- Microsoft Enterprise Security Token Service (ESTS)
- Microsoft Excel 2016
- Microsoft Excel for Android
- Microsoft JIRA SAML SSO plugin
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Office for Android
- Microsoft Outlook for iOS
- Microsoft Partner Center
- Microsoft PowerPoint for Android
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Teams
- Microsoft Teams for Android
- Microsoft Visual Studio 2017
- Microsoft Visual Studio 2019
- Microsoft Visual Studio 2022
- Microsoft Visual Studio 2026
- Microsoft Word 2016
- Microsoft Word for Android
- Office Online Server
- Power Automate for Desktop
- Visual Studio Code
- Visual Studio Code - Live Preview extension
- Windows 10
- Windows 11
- Windows Admin Center
- Windows Admin Center in Azure Portal
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2025
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 206 | IBM Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.001]
details...
Between 4th and 10th May 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Aspera Faspex 5 - versions 5.0.0 to 5.0.15.1
- Automation Assets in IBM Cloud Pak for Integration (CP4I) - multiple versions
- Automation Assets in IBM Cloud Pak for Integration - multiple versions
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.25
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.7.1
- IBM App Connect Operator - multiple versions
- IBM Automation Decision Services - multiple versions
- IBM Business Automation Insights - multiple versions
- IBM CICS TX Advanced - version 10.1
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Content Navigator - multiple versions
- IBM Edge Data Collector - versions 9.1, 9.0 and 8.11
- IBM Engineering AI Hub - versions 1.0.0 and 1.1.0
- IBM Industry Solutions Workbench - multiple versions
- IBM MQ - multiple versions and models
- IBM Maximo Application Suite - IoT Component - multiple versions
- IBM Maximo Application Suite - Optimizer Component - all versions
- IBM Maximo Application Suite - Visual Inspection Component - multiple versions
- IBM Netezza Analytics for NPS - versions 11.2.0.0 to 11.2.29
- IBM Observability with Instana (OnPrem) - versions Build 1.0.285 to 1.0.315
- IBM Quantum Safe Explorer - versions 2.2.2 to 2.3.0
- IBM Quantum Safe Remediator - versions 1.0.1 to 1.1.1
- IBM SOAR QRadar Plugin App - version 3.1
- IBM SPSS Statistics Client and Server - multiple versions
- IBM TXSeries for Multiplatforms - multiple versions
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.6.0
- Platform Navigator in IBM Cloud Pak for Integration (CP4I) - multiple versions
- Platform Navigator in IBM Cloud Pak for Integration - multiple versions
- PowerVC - versions 2.2.1.2, 2.3.0, 2.3.1 and 2.3.2
- QRadar AI Assistant - versions 1.0.0 to 1.4.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 207 | Dell Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.002]
details...
Between 4th and 11th May 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- PowerScale A300/A3000/H700/H7000 - versions prior to 13.2.3
- Elastic Cloud Storage (ECS) - versions 3.8.1.0 to 3.8.1.7
- ObjectScale - versions prior to 4.3.0.0
Review the following advisories and apply the necessary updates:
| Dell |
| 208 | Ubuntu Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.003]
details...
Between 4th and 10th May 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 209 | Red Hat Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.004]
details...
Between 4th and 10th May 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 210 | Spring Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.005]
details...
On 8th May 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring AI - 1.0.x versions prior to 1.0.7
- Spring AI - 1.1.x versions prior to 1.1.6
Review the provided web links and apply the necessary updates.
| Others |
| 211 | JetBrains Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.006]
details...
On 11th May 2026, JetBrains published security advisories to address JetBrains TeamCity - versions prior to 2026.1 and 2025.11.5.
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 212 | Apple Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.007]
details...
On 11th May 2026, Apple published a security update to address vulnerabilities in the following products:
- iOS - versions prior to 26.5
- iPadOS - versions prior to 26.5
- iOS - versions prior to 18.7.9
- iPadOS - versions prior to 18.7.9
- iPadOS - versions prior to 17.7.11
- iOS - versions prior to 16.7.16
- iPadOS - versions prior to 16.7.16
- iOS - versions prior to 15.8.8
- iPadOS - versions prior to 15.8.8
- macOS Tahoe - versions prior to 26.5
- macOS Sequoia - versions prior to 15.7.7
- macOS Sonoma - versions prior to 14.8.7
- tvOS - versions prior to 26.5
- watchOS - versions prior to 26.5
- visionOS - versions prior to 26.5
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 213 | Broadcom VMware Security Advisory. [Published Date: 2026-05-11]
[Id:2026.05.11.008]
details...
On 8th May 2026, VMware published security advisories to address vulnerabilities in VMware Tanzu RabbitMQ on Kubernetes, including versions prior to 4.3.0, 4.2.6, 4.1.11, 4.0.20, and 3.13.15.
Review the following advisories and apply the necessary updates:
| Broadcom |
| 214 | Microsoft Edge Security Advisory. [Published Date: 2026-05-08]
[Id:2026.05.08.001]
details...
On 7th May 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 148.0.3967.54.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 215 | cPanel Security Advisory. [Published Date: 2026-05-08]
[Id:2026.05.08.002]
details...
On 8th May 2026, cPanel published security advisories to address vulnerabilities in cPanel & WebHost Manager (WHM) software - versions prior to 11.136.0.9, 11.134.0.25, 11.132.0.31, 11.130.0.22, 11.126.0.58, 11.124.0.37, 11.118.0.66, 11.110.0.116, 11.110.0.117, 11.102.0.41, 11.94.0.30, 11.86.0.43 and WP Squared 11.136.1.10.
Review the following advisories and apply the necessary updates:
| Others |
| 216 | VM2 Node.js Library Security Advisory. [Published Date: 2026-05-07]
[Id:2026.05.07.002]
details...
On 4th May 2026, Spring published security advisories to address vulnerabilities in the VM2 Node.js sandboxing library - versions prior to 3.11.2.
Review the provided web links and apply the necessary updates.
| NodeJS |
| 217 | Mozilla Security Advisory. [Published Date: 2026-05-07]
[Id:2026.05.07.003]
details...
On 7th May 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 150.0.2
- Firefox ESR - versions prior to 140.10.2
- Firefox ESR - versions prior to 115.35.2
Review the following advisories and apply the necessary updates:
| Mozilla |
| 218 | Broadcom VMware Security Advisory. [Published Date: 2026-05-07]
[Id:2026.05.07.004]
details...
Between 6th and 7th May 2026, VMware published security advisories to address vulnerabilities in the following products:
- Tanzu Greenplum Command Center - versions prior to 6.17.0
- Tanzu Greenplum Command Center - versions prior to 7.7.0
- Tanzu Greenplum Data Copy Utility - versions prior to 2.9.3
- Tanzu for MySQL on Kubernetes - versions prior to 2.0.3
- Tanzu Greenplum Streaming Server for Kubernetes - versions prior to 1.3.0
- Tanzu Greenplum Streaming Server - versions prior to 2.3.0
- Tanzu Greenplum Streaming on Kubernetes - versions prior to 1.1.0
- Tanzu Greenplum Text - versions prior to 4.0.0
- Tanzu for Valkey on Kubernetes - versions prior to 3.3.4
- Tanzu for Valkey on Kubernetes - versions prior to 3.4.0
Review the Security Advisories - Tanzu and apply the necessary updates. | Broadcom |
| 219 | Ivanti Security Advisory. [Published Date: 2026-05-07]
[Id:2026.05.07.005]
details...
On 7th May 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Ivanti Endpoint Manager Mobile (EPMM) - versions prior to 12.6.1.1
- Ivanti Endpoint Manager Mobile (EPMM) - versions prior to 12.7.0.1
- Ivanti Endpoint Manager Mobile (EPMM) - versions prior to 12.8.0.1
- Ivanti has indicated that CVE-2026-6973 has been exploited.
On 7 th May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-6973 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following advisories and apply the necessary updates:
| Ivanti |
| 220 | Spring Security Advisory. [Published Date: 2026-05-07]
[Id:2026.05.07.001]
details...
On 6th May 2026, Spring published security advisories to address vulnerabilities in Spring Cloud Config - multiple versions
Review the provided web links and apply the necessary updates.
| Others |
| 221 | Palo Alto Networks Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.001]
details...
On 5th May 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 - versions prior to 12.1.4-h5
- PAN-OS 12.1 - versions prior to 12.1.7
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
Palo Alto has received reports that CVE-2026-0300 is being actively exploited.
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 222 | Google Chrome Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.002]
details...
On 5th May 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 148.0.7778.96/97 (Windows/Mac) and 148.0.7778.96 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 223 | Broadcom VMware Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.003]
details...
On 5th May 2026, VMware published security advisories to address vulnerabilities in Tanzu GemFire Management Console - versions prior to 1.4.4.
Review the following advisories and apply the necessary updates:
| Broadcom |
| 224 | WatchGuard Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.004]
details...
On 6th May 2026, WatchGuard published a security advisory to address vulnerabilities in WatchGuard Agent on Windows - version 1.25.02.0000 and prior.
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 225 | Samsung Mobile Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.005]
details...
On 6th May 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices – versions prior to the SMR-MAY-2026 Release 1.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 226 | Cisco Security Advisory. [Published Date: 2026-05-06]
[Id:2026.05.06.006]
details...
On 6th May 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Crosswork Network Controller (CNC) - version 7.1 and prior
- Cisco IoT Field Network Director (FND) - version 4 and prior
- Cisco IoT Field Network Director (FND) - versions prior to 5.0.0-117
- Cisco Network Services Orchestrator (NSO) - version 6.3 and prior
- Cisco Network Services Orchestrator (NSO) - versions prior to 6.4.1.3
- Cisco SG350 and SG350X Managed Switch - multiple versions and models
- Cisco Unity Connection - versions prior to 12.5
- Cisco Unity Connection - versions prior to 14SU5
- Cisco Unity Connection - versions prior to 15SU4
Review the following advisories and apply the necessary updates:
| Cisco |
| 227 | Palo Alto Networks security advisory (2026.06.x.x) - Update 1. [Published Date: 2026-05-06]
[Id:2026.05.06.007]
details...
On 5th May 2026, Palo Alto Networks published a security advisory to address critical vulnerabilities in the following products:
- PAN-OS 12.1 - versions prior to 12.1.4-h5
- PAN-OS 12.1 - versions prior to 12.1.7
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
Palo Alto has received reports that CVE-2026-0300 is being actively exploited.
Update 1
On 6th May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0300 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Center encourages users and administrators to review the provided web links, implement the suggested mitigations, and apply the necessary updates when available.
| Palo Alto Networks |
| 228 | Qualcomm Security Advisory - May 2026 monthly rollup. [Published Date: 2026-05-05]
[Id:2026.05.05.001]
details...
On 4th May 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin - May and apply the necessary updates. | Qualcomm |
| 229 | Android security advisory - May 2026 Monthly Rollup. [Published Date: 2026-05-05]
[Id:2026.05.05.002]
details...
On 4th May 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 230 | Apache Security Advisory. [Published Date: 2026-05-05]
[Id:2026.05.05.003]
details...
On 4th May 2026, Apache published a security advisory to address vulnerabilities in Apache HTTP Server - version 2.4.66 and prior.
Review the provided web link and apply the necessary updates.
| Apache |
| 231 | Redis Security Advisory. [Published Date: 2026-05-05]
[Id:2026.05.05.004]
details...
On 5th May 2026, Redis published security advisories addressing vulnerabilities across multiple products. Included were critical updates for the following:
- Redis Software - multiple versions
- Redis OSS/CE releases - multiple versions
Review the following Redis Security Advisory and apply the necessary updates:
| Redis |
| 232 | Juniper Networks Security Advisory. [Published Date: 2026-05-05]
[Id:2026.05.05.005]
details...
On 5th May 2026, Juniper Networks published a security advisory to address Juniper Secure Analytics - versions prior to 7.5.0 UP15 IF01.
Review the following Redis Security Advisory and apply the necessary updates:
| juniper |
| 233 | IBM Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.001]
details...
Between 27th April 20th and 3rd May 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Carbon Charts lodash-es - versions 0.4.0 to 1.27.3
- Decision Optimization for Cloud Pak for Data - versions 5.0 to 5.3.1 releases
- IBM Application Modernization Accelerator - versions 4.0.0 to 4.6.0
- IBM Business Automation Workflow containers and traditional - multiple versions
- IBM Cloud Pak for AIOps - versions 4.1.0 to 4.13.0
- IBM Cloud Pak for Business Automation - multiple versions and models
- IBM Industry Solutions Workbench - versions prior to 5.0.0.0, 5.1.0.0 and 5.1.1.0
- IBM Maximo Application Suite - multiple versions
- IBM PowerVM Novalink - multiple versions
- IBM Process Mining - version 2.1.1
- IBM Rapid Infrastructure Automation - version 1.1.5
- IBM Rapid Network Automation - version 1.1.4
- IBM Transformation Advisor - versions 2.0.1 to 4.6.0
- IBM voice-gateway/media-relay - version 1.0.8.30
- IBM voice-gateway/tts-adapter - version 1.0.8.19
- IBM watsonx.data intelligence - versions prior to 5.2.0, 5.2.1, 5.3.0 and 5.3.1
- ICP - Discovery - versions 5.0.0 to 5.3.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 234 | Dell Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.002]
details...
Between 27th April and 3rd May 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.04.04.00
- Dell Automation Platform - versions prior to 2.0.0.0
- Dell Command | Monitor - version 10.13.0
- Dell CyberSense - versions prior to 8.16
- Dell NativeEdge Orchestrator - version 3.1.0.0
- Dell SmartFabric Manager - versions prior to 2.1.0
- Dell iDRAC10 - multiple versions
- Dell iDRAC9 - versions prior to 7.00.00.184
- Dell iDRAC9 - versions prior to 7.30.10.50
- Disk Library for mainframe DLm8700/DLm2700 - versions prior to 7.0.1.0
- PowerProtect Cyber Recovery - versions prior to 20.1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 235 | FreeBSD Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.003]
details...
On 29th April 2026, FreeBSD published security advisories addressing vulnerabilities in all supported versions.
Review the following advisories and apply the necessary updates:
| Others |
| 236 | Ubuntu Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.004]
details...
Between 27th April and 3rd May 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 20.04 LTS
- Ubuntu 24.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 237 | Red Hat Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.005]
details...
Between 27th April and 3rd May 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 238 | Broadcom VMware Security Advisory. [Published Date: 2026-05-04]
[Id:2026.05.04.006]
details...
On 1st May 2026, VMware published security advisories to address vulnerabilities in Tanzu Jammy Stemcell - versions prior to 1.1193.
Review the following advisories and apply the necessary updates:
| Broadcom |
| 239 | Web Defacement Artifacts on the Bangladesh Government Infrastructure, Potentially Linked to a Global Magento Exploitation Campaign. [Published Date: 2026-05-03]
[Id:2026.05.03.001]
details...
On 03rd May 2026, BDNCIRT issued a Situational Advisory regarding Web Defacement Artifacts on the Bangladesh Government Infrastructure, Potentially Linked to a Global Magento Exploitation Campaign.
| BGD e-GOV CIRT (BDNCIRT |
| 240 | HPE Security Advisory. [Published Date: 2026-05-01]
[Id:2026.05.01.001]
details...
On 30th April 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Service Orchestrator - versions prior to v5.6.0
- HPE Telco Service Activator - versions 10.5.0 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 241 | Microsoft Edge Security Advisory. [Published Date: 2026-05-01]
[Id:2026.05.01.002]
details...
On 30th April 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 147.0.3912.98.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 242 | JetBrains Security Advisory. [Published Date: 2026-05-01]
[Id:2026.05.01.003]
details...
On 30th April 2026, JetBrains published security advisories to address vulnerabilities JetBrains IntelliJ IDEA - versions prior to 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1 and 2026.1.1.
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 243 | Mozilla Security Advisory. [Published Date: 2026-04-30]
[Id:2026.04.30.001]
details...
On 30th April 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Thunderbird - versions prior to 150.0.1
- Thunderbird ESR - versions prior to 140.10.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 244 | Progress Security Advisory [Published Date: 2026-04-30]
[Id:2026.04.30.002]
details...
| progress |
| 245 | GNU Security Advisory. [Published Date: 2026-04-30]
[Id:2026.04.30.003]
details...
On 29th April 2026, GNU published a security advisory to address a vulnerability in GNU InetUtils - version prior to 2.8.
Review the following provided web link and apply the necessary updates when available.
| GNU |
| 246 | GitLab security advisory. [Published Date: 2026-04-30]
[Id:2026.04.30.004]
details...
On 29th April 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.11.2 and 18.10.5
- GitLab Enterprise Edition (EE) - versions prior to 18.11.2 and 18.10.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 247 | Google Chrome Security Advisory. [Published Date: 2026-04-29]
[Id:2026.04.29.001]
details...
On 28th April 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 147.0.7727.137/138 (Windows/Mac) and 147.0.7727.137 (Linux).
Review the Google security bulletins and apply the required updates.
| Google |
| 248 | Jenkins Security Advisory. [Published Date: 2026-04-29]
[Id:2026.04.29.002]
details...
On 29th April 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Credentials Binding Plugin - version 719.v80e905ef14eb_ and prior
- GitHub Plugin - version 1.46.0 and prior
- GitHub Branch Source Plugin - version 1967.vdea_d580c1a_b_a_ and prior
- HTML Publisher Plugin - version 427 and prior
- Matrix Authorization Strategy Plugin - versions 2.0-beta-1 to 3.2.9
- Microsoft Entra ID (previously Azure AD) Plugin - version 666.v6060de32f87d and prior
- Script Security Plugin - version 1399.ve6a_66547f6e1 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 249 | cPanel Security Advisory. [Published Date: 2026-04-29]
[Id:2026.04.29.003]
details...
On 29th April 2026, cPanel published security advisories to address vulnerabilities in cPanel software - versions 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.136.0.5, 11.134.0.20, and WP Squared 11.136.1.7.
Review the following advisories and apply the necessary updates:
| Others |
| 250 | SonicWall Security Advisory. [Published Date: 2026-04-29]
[Id:2026.04.29.004]
details...
On 29th April 2026, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Gen6 Hardware Firewalls - firmware version 6.5.5.1-6n and prior
- Gen7 NSv - firmware version 7.0.1-5169 and prior, firmware version 7.3.1-7013 and prior
- Gen7 Firewalls - firmware version 7.0.1-5169 and prior, firmware version 7.3.1-7013 and prior
- Gen8 Firewalls - firmware version 8.1.0-8017 and prior
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 251 | SmarterTools Security Advisory. [Published Date: 2026-04-28]
[Id:2026.04.28.001]
details...
On 24th April 2026, SmarterTools released security updates to address SmarterMail - versions prior to Build 9610.
Review the provided web links and apply the necessary updates.
| Others |
| 252 | Citrix Security Advisory. [Published Date: 2026-04-28]
[Id:2026.04.28.002]
details...
On 28th April 2026, Citrix published security advisories to address vulnerabilities in XenServer - versions prior to 8.4.
Review the following advisories and apply the necessary updates:
| Citrix |
| 253 | Mozilla Security Advisory. [Published Date: 2026-04-28]
[Id:2026.04.28.003]
details...
On 28th April 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 150.0.1
- Firefox ESR - versions prior to 140.10.1
- Firefox ESR - versions prior to 115.35.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 254 | Microsoft Security Advisory - April 2026 Monthly Rollup - Update 3. [Published Date: 2026-04-28]
[Id:2026.04.28.004]
details...
On 14th April 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure Logic Apps
- Azure Monitor Agent
- Microsoft .NET Framework
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft 365 Apps for Enterprise
- Microsoft Defender Antimalware Platform
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft HPC Pack 2019
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Power Apps
- Microsoft PowerPoint 2016
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022
- Microsoft Visual Studio Code CoPilot Chat Extension
- Office Online Server
- PowerShell
- Remote Desktop client for Windows Desktop
- Windows 10
- Windows 11
- Windows Admin Center
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-32201 has been exploited.
On 14th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32201 to their Known Exploited Vulnerabilities (KEV) Database.
Update 1
Open-source reporting indicates that the CVE-2026-33825 vulnerability is being exploited in the wild.
Update 2
On 22nd April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-33825 to their Known Exploited Vulnerabilities (KEV) Database.
Update 3
On 28th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32202 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Microsoft |
| 255 | Zyxel Security Advisory. [Published Date: 2026-04-28]
[Id:2026.04.28.005]
details...
On 28th April 2026, Zyxel published security advisories to address vulnerabilities in the following products:
- 4G LTE/5G NR CPE - multiple versions and models
- DSL/Ethernet CPE - multiple versions and models
- Fiber ONTs - multiple versions and models
- Wireless Extenders - multiple versions and models
Review the following advisories and apply the necessary updates:
| Zyxel |
| 256 | IBM Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.001]
details...
Between 20th and 26th April 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- DataStax Hyper-Converged Database - version 1.2.4
- Enterprise Content Management System Monitor - version 5.5
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.24
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.6.2
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.7.0
- IBM Big Replicate LiveData Migrator - versions 1.13.0 to 3.3
- IBM Business Automation Manager Open Editions - versions 9.0.0 to 9.4.0
- IBM Cloud APM, Advanced Private - versions 8.1.4.0 to 8.1.4.0 IF18
- IBM Cloud APM, Base Private - versions 8.1.4.0 to 8.1.4.0 IF18
- IBM Data Product Hub - versions 5.0.0 to 5.3.1 Patch 2
- IBM Edge Application Manager - versions 5.0.0, 5.0.1 and 5.0.2
- IBM Guardium Data Protection - versions 12.0, 12.1 and 12.2
- IBM Netezza Appliance - versions 1.0.0.0 and 1.0.0.1
- IBM Sterling Connect:Direct Web Services - versions 6.3.0 to 6.3.0.17
- IBM Sterling Connect:Direct Web Services - versions 6.4.0 to 6.4.0.6
- IBM Storage Protect Operations Center - version 8.2.0
- InfoSphere Data Architect - version 9.2.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 257 | Dell Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.002]
details...
Between 20th and 26th April 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Networking OS10 - versions prior to 10.6.0.8
- Dell Storage Monitoring and Reporting - versions prior to 6.1.0.0
- Dell Storage Resource Manager - versions prior to 6.1.0.0
- Dell VxRail Appliance - versions 8.0.000 to 8.0.370
Review the following advisories and apply the necessary updates:
| Dell |
| 258 | Ubuntu Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.003]
details...
Between 20th and 26th April 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 259 | Red Hat Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.004]
details...
Between 20th and 26th April 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 260 | Broadcom VMware Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.005]
details...
On 24th April 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu Data Lake - versions prior to 4.0.0
- VMware Tanzu Greenplum Platform Extension Framework - versions prior to 8.0.0
Review the following advisories and apply the necessary updates:
| Broadcom |
| 261 | Notepad++ Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.006]
details...
On 26th April 2026, Notepad++ released security updates to address Notepad++ - version 8.9.3 and prior.
Review the provided web links and apply the necessary updates.
| Others |
| 262 | Microsoft Edge Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.007]
details...
On 24th April 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 147.0.3912.86.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 263 | Spring Security Advisory. [Published Date: 2026-04-27]
[Id:2026.04.27.008]
details...
On 27th April 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring AI - 1.0.x versions prior to 1.0.6
- Spring AI - 1.1.x versions prior to 1.1.5
Review the provided web links and apply the necessary updates.
| Others |
| 264 | Google Chrome Security Advisory. [Published Date: 2026-04-23]
[Id:2026.04.23.001]
details...
On 22nd April 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 147.0.7727.116/117 (Windows/Mac) and 147.0.7727.116 (Linux).
Review the Google security bulletins and apply the required updates.
| Google |
| 265 | GitHub Security Advisory. [Published Date: 2026-04-23]
[Id:2026.04.23.002]
details...
On 21st April 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.20.x prior to 3.20.1
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.5
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.8
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.14
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.17
Review the following advisories and apply the necessary updates:
| Github |
| 266 | CrowdStrike Security Advisory. [Published Date: 2026-04-23]
[Id:2026.04.23.003]
details...
On 21st April 2026, CrowdStrike published a security advisory to address vulnerabilities in the following products:
- LogScale Self-Hosted - GA versions 1.224.0 to 1.234.0 (inclusive)
- LogScale Self-Hosted LTS - versions 1.228.0 and 1.228.1
Review the following advisories and apply the necessary updates:
| Others |
| 267 | Spring Security Advisory. [Published Date: 2026-04-23]
[Id:2026.04.23.004]
details...
On 23rd April 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring Boot - 4.0.x versions prior to 4.0.6
- Spring Boot - 3.5.x versions prior to 3.5.14
- Spring Boot - 3.4.x versions prior to 3.4.16
- Spring Boot - 3.3.x versions prior to 3.3.19
- Spring Boot - 2.7.x versions prior to 2.7.33
Review the Spring Security Advisories and apply the necessary updates.
| Others |
| 268 | Tenable Security Advisory. [Published Date: 2026-04-23]
[Id:2026.04.23.005]
details...
On 23rd April 2026, Tenable published a security advisory to address vulnerabilities in the following product:
- Nessus Agent - versions prior to 11.1.3
- Nessus - versions prior to 10.11.4 and versions prior to 10.12.0
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 269 | Vulnerabilities impacting Cisco ASA and FTD devices - CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 – Update 1. [Published Date: 2026-04-23]
[Id:2026.04.23.006]
details...
On 25th September 2025, Cisco published security advisories for critical vulnerabilities, CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363, affecting the following ASA and Cisco Secure Firewall Threat Defense (FTD) software release products:
- Cisco ASA software release 9.12 - versions prior to 9.12.4.72
- Cisco ASA software release 9.14 - versions prior to 9.14.4.28
- Cisco ASA software release 9.16 - versions prior to 9.16.4.85
- Cisco ASA software release 9.17 - versions prior to 9.17.1.45
- Cisco ASA software release 9.18 - versions prior to 9.18.4.67
- Cisco ASA software release 9.19 - versions prior to 9.19.1.42
- Cisco ASA software release 9.20 - versions prior to 9.20.4.10
- Cisco ASA software release 9.22 - versions prior to 9.22.2.14
- Cisco ASA software release 9.23 - versions prior to 9.23.1.19
- Cisco FTD software release 7.0 - versions prior to 7.0.8.1
- Cisco FTD software release 7.1 - all versions
- Cisco FTD software release 7.2 - versions prior to 7.2.10.2
- Cisco FTD software release 7.3 - all versions
- Cisco FTD software release 7.4 - versions prior to 7.4.2.4
- Cisco FTD software release 7.6 - versions prior to 7.6.2.1
- Cisco FTD software release 7.7 - versions prior to 7.7.10.1
For further details on affected versions and available fixed releases, please refer to the following Cisco advisories
CVE-2025-20333 is a vulnerability affecting the ASA and FTD software that could allow an authenticated remote threat actor to execute arbitrary code on affected devices.
CVE-2025-20362 is a vulnerability affecting the ASA and FTD software that could allow an unauthenticated remote threat actor to access URL endpoints that should otherwise be inaccessible without authentication.
CVE-2025-20363 is a vulnerability affecting the ASA, FTD, Cisco IOS, Cisco IOS XE and Cisco IOS XR software, that could allow an unauthenticated remote threat actor (ASA and FTD) or authenticated remote one (Cisco IOS, IOS XE and IOS XR) with low user privileges to execute arbitrary code on affected devices.
All these vulnerabilities are due to improper validation of user supplied input in HTTP(S) requests.
Update 1
On 23 rd April 2026, Cisco Talos published a blog post and Cisco published a security advisory identifying a previously unknown persistence method that persists even after upgrading to a patched version released in September 2025. The persistence mechanism is embedded in the Cisco Firepower eXtensible Operating System (FXOS) Software base operating system for Cisco Secure Firewall ASA Software and Cisco Secure FTD Software installations on the affected hardware.
The Cybersecurity and Infrastructure Security Agency (CISA) created the Emergency Directive document V1: ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices and along with the United Kingdom National Cyber Security Centre (NCSC), published a FIRESTARTER Backdoor Malware Analysis Report on 23rd April 2026.
Review the Cisco advisory, identify if indicators of compromise are present on their devices, and apply the identified workarounds, including reimaging the device to a known fixed version.
Affected products and versions:
Secure Firewall ASA Software
- Cisco ASA software release 9.16 - versions prior to 9.16.4.92
- Cisco ASA software release 9.18 - versions prior to 9.18.4.135
- Cisco ASA software release 9.20 - versions prior to 9.20.4.30
- Cisco ASA software release 9.22 - versions prior to 9.22.3.5
- Cisco ASA software release 9.23 - versions prior to 9.23.1.195
- Cisco ASA software release 9.24 - versions prior to 9.24.1.155
Secure FTD Software
- Cisco FTD software release 7.0 - versions prior to 7.0.9 Hotfix FZ-7.0.9.1-3
- Cisco FTD software release 7.2 - versions prior to 7.2.11 Hotfix HI-7.2.11.1-1
- Cisco FTD software release 7.4 - versions prior to 7.4.7
- Cisco FTD software release 7.6 - versions prior to 7.6.4 Hotfix CC-7.6.4.1-1
- Cisco FTD software release 7.7 - versions prior to 7.7.11 Hotfix AE-7.7.11.1-4
- Cisco FTD software release 10 - versions prior to 10.0.0 Hot Fix (Target 30th April 2026)
Firepower 4100 and 9300 Security Appliance
- Cisco Firepower 4100 and 9300 Security Appliance 2.10 - versions prior to 2.10.1.383
- Cisco Firepower 4100 and 9300 Security Appliance 2.12 - versions prior to 2.12.1.117
- Cisco Firepower 4100 and 9300 Security Appliance 2.14 - versions prior to 2.14.3.125
- Cisco Firepower 4100 and 9300 Security Appliance 2.16 - versions prior to 2.16.2.119
- Cisco Firepower 4100 and 9300 Security Appliance 2.17 - versions prior to 2.17.0.549
- Cisco Firepower 4100 and 9300 Security Appliance 2.18 - versions prior to 2.18.0.535
Suggested actions
It is recommended that organizations running Cisco ASA and FTD products upgrade to a fixed release software version.
Organizations upgrading an ASA 5500-X Series model to 9.12.4.72 or 9.14.4.28 should refer to Cisco's Bootloader and/or ROMMON Verification Failure procedures. If the "firmware-update.log" file is found on "disk0:" after upgrading to a fixed release, organizations are encouraged to preserve the log file and contact the local vendor or OEM.
References
| Cisco |
| 270 | n8n Security Advisory. [Published Date: 2026-04-22]
[Id:2026.04.22.001]
details...
On 22th March 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (MCP Client Registration) - multiple versions
- n8n (dynamic-node-parameters) - multiple versions
- n8n (XML Node Prototype Pollution) - multiple versions
- n8n (XML Webhook) - multiple versions
- n8n (SQL Mode of Merge Node) - multiple versions
- n8n (MCP OAuth client) - multiple versions
- n8n (Python Task Runner) - multiple versions
Review the provided n8n Security and apply the necessary updates.
| n8n |
| 271 | GitLab Security Advisory. [Published Date: 2026-04-22]
[Id:2026.04.22.002]
details...
On 22nd April 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.11.1, 18.10.4 and 18.9.6
- GitLab Enterprise Edition (EE) - versions prior to 18.11.1, 18.10.4 and 18.9.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 272 | Microsoft Security Advisory. [Published Date: 2026-04-22]
[Id:2026.04.22.003]
details...
On 21st April 2026, Microsoft published an out-of-band (OOB) security update to address a critical vulnerability in .NET 10.0.0 - versions 10.0.0 to 10.0.6.
Review the following advisories and apply the necessary updates:
| Microsoft |
| 273 | Oracle Security Advisory - April 2026. [Published Date: 2026-04-22]
[Id:2026.04.22.004]
details...
On 21st April 2026, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- MySQL Enterprise Backup
- MySQL Server
- MySQL Workbench
- Oracle Advanced Inbound Telephony
- Oracle Banking Origination
- Oracle Business Intelligence Enterprise Edition
- Oracle Communications Cloud Native Core Network Exposure Function
- Oracle Communications EAGLE
- Oracle Communications EAGLE Application Processor
- Oracle Communications EAGLE LNP Application Processor
- Oracle Communications LSMS
- Oracle Communications Messaging Serve
- Oracle Communications Operations Monitor
- Oracle Communications Policy Management
- Oracle Communications Unified Assurance
- Oracle Managed File Transfer
- Oracle Tuxedo
Review Oracle Critical Patch Update Advisory - April 2026 and apply the necessary updates. | Oracle |
| 274 | Microsoft Security Advisory - April 2026 Monthly Rollup - Update 2. [Published Date: 2026-04-22]
[Id:2026.04.22.005]
details...
On 14th April 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure Logic Apps
- Azure Monitor Agent
- Microsoft .NET Framework
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft 365 Apps for Enterprise
- Microsoft Defender Antimalware Platform
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft HPC Pack 2019
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Power Apps
- Microsoft PowerPoint 2016
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022
- Microsoft Visual Studio Code CoPilot Chat Extension
- Office Online Server
- PowerShell
- Remote Desktop client for Windows Desktop
- Windows 10
- Windows 11
- Windows Admin Center
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-32201 has been exploited.
On 14th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32201 to their Known Exploited Vulnerabilities (KEV) Database.
Update 1
Open-source reporting indicates that the CVE-2026-33825 vulnerability is being exploited in the wild.
Update 2
On 22nd April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-33825 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Microsoft |
| 275 | Apple Security Advisory. [Published Date: 2026-04-22]
[Id:2026.04.22.006]
details...
On 22nd April 2026, Apple published a security update to address vulnerabilities in the following products:
- iOS - versions prior to 18.7.8
- iPadOS - versions prior to 26.4.2
Review the provided web links and apply the necessary updates.
| Apple |
| 276 | Mozilla Security Advisory. [Published Date: 2026-04-21]
[Id:2026.04.21.001]
details...
On 21st April 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 150
- Firefox ESR - versions prior to 35
- Firefox ESR - versions prior to 10
Review the following advisories and apply the necessary updates:
| Mozilla |
| 277 | Spring Security Advisory. [Published Date: 2026-04-21]
[Id:2026.04.21.002]
details...
On 21st April 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring Cloud Gateway - version 4.2.0
- Spring Security - versions 5.7.0 to 5.7.22, 5.8.0 to 5.8.24, 6.3.0 to 6.3.15, 6.4.0 to 6.4.15, 6.5.0 to 6.5.9 and 7.0.0 to 7.0.4
- Spring Authorization Server - versions 1.3.0 to 1.3.10, 1.4.0 to 1.4.9 and 1.5.0 to 1.5.6
- Spring Framework - versions 5.3.0 to 5.3.47, 6.1.0 to 6.1.26, 6.2.0 to 6.2.17 and 7.0.0 to 7.0.6
Review the Spring Security Advisories and apply the necessary updates. | Others |
| 278 | Atlassian Security Advisory. [Published Date: 2026-04-21]
[Id:2026.04.21.003]
details...
On 21st April 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 279 | IBM Security Advisory. [Published Date: 2026-04-20]
[Id:2026.04.20.001]
details...
Between 13th and 19th April 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- API Connect - versions V10.0.8.0 to V10.0.8.7
- Aspera Faspex 5 - versions 5.0.0 to 5.0.15
- DevOps Test Performance - versions 11.0 to 11.0.7
- IBM App Connect Enterprise - multiple versions
- IBM Aspera Console - versions 3.3.0 to 3.4.9
- IBM Aspera Orchestrator - versions 3.0.0 to 4.1.3
- IBM Business Automation Manager Open Editions - versions 8.0.0 to 8.0.8
- IBM Data Product Hub - versions 5.0.0 to 5.3.1
- IBM Event Processing - versions 1.0.0 to 1.4.7
- IBM Guardium Data Protection - versions 12.0, 12.1 and 12.2
- IBM Maximo Application Suite - Monitor Component - multiple versions
- IBM Netezza Appliance - versions 1.0.0.0 and 1.0.0.1
- IBM SPSS Modeler - multiple versions
- IBM Tivoli Network Configuration Manager (ITNCM) - versions 6.4.2 to 6.4.2 Fix Pack 23
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.3.1
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - multiple versions
- Performance Tester (RPT) - versions 11.0 to 11.0.7
- Rational Performance Tester - multiple versions
- SPSS Collaboration and Deployment Services - version 9.0.0.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 280 | Ubuntu Security Advisory. [Published Date: 2026-04-20]
[Id:2026.04.20.002]
details...
Between 13th and 19th April 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 281 | Progress Security Advisory [Published Date: 2026-04-20]
[Id:2026.04.20.003]
details...
On 20th April 2026, Progress published a security update to address vulnerabilities in the following products.
- Progress Kemp LoadMaster - version GA v7.2.62.2 and prior
- Progress Kemp LoadMaster - version LTSF v7.2.54.16 and prior
- Progress MOVEit WAF - version GA v7.2.62.2 and prior
Review the provided web links and apply the necessary updates.
| progress |
| 282 | Dell Security Advisory. [Published Date: 2026-04-20]
[Id:2026.04.20.004]
details...
Between 13th and 19th April 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Connectrix Switches and Directors - multiple versions
- Dell AMD-based PowerEdge Server - multiple versions and models
- Dell Command| Update - versions prior to 5.7.0
- Dell PowerProtect Data Domain - multiple versions and models
- Dell Storage Manager - Replay Manager for Microsoft Servers - versions prior to 8.0.3
Review the following advisories and apply the necessary updates:
| Dell |
| 283 | Cisco security advisory - Update 3. [Published Date: 2026-04-20]
[Id:2026.04.20.005]
details...
On 25th February 2026, Cisco published security advisories to address critical vulnerabilities in the following products:
- Cisco Catalyst SD-WAN Controller - multiple versions
- Cisco Catalyst SD-WAN Manager - multiple versions
- Cisco Nexus 3600 and 9500-R Switching Platform - multiple versions
- Cisco Nexus 9000 Series Fabric Switches - multiple versions
- Cisco UCS Software (UCS Manager Mode) - versions prior to 4.3(6e)
- Cisco UCS Software (Intersight Managed Mode) - versions prior to 4.3(6.260003)
Cisco has indicated that CVE-2026-20127 has been exploited.
Update 1
On 25th February 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20127 to their Known Exploited Vulnerabilities (KEV) Database.
Update 2
Cisco has indicated that CVE-2026-20128 and CVE-2026-20122 are being actively exploited.
Update 3
On 20th April 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20122, CVE-2026-20128, and CVE-2026-20133 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links, implement the recommended actions, and apply the necessary updates when available.
| Cisco |
| 284 | Microsoft Edge Security Advisory. [Published Date: 2026-04-17]
[Id:2026.04.17.001]
details...
On 16th April 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 1 47.0.3912.72.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates.
| Microsoft |
| 285 | JetBrains Security Advisory. [Published Date: 2026-04-17]
[Id:2026.04.17.002]
details...
On 17th March 2026, JetBrains published security advisories to address vulnerabilities JetBrains Hub - versions prior to 2026.1.
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 286 | Drupal Security Advisory. [Published Date: 2026-04-16]
[Id:2026.04.16.001]
details...
On 15th April 2026, Drupal published security advisories to address vulnerabilities in Drupal core - multiple versions.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 287 | Nginx UI Security Advisory [Published Date: 2026-04-16]
[Id:2026.04.16.002]
details...
On 10th April 2026, Nginx UI published security advisories to address vulnerabilities in Nginx UI - version v2.3.5 and prior.
Review the following Drupal Security Advisory and apply the necessary updates.
| Others |
| 288 | Apache ActiveMQ Security Advisory (AV26-330) - Update 1 [Published Date: 2026-04-16]
[Id:2026.04.16.003]
details...
On 8th April 2026, Apache published a security advisory to address a vulnerability in the following products:
- Apache ActiveMQ Broker - versions prior to 5.19.4
- Apache ActiveMQ Broker - 6.0.0 versions prior to 6.2.3
Update 1
On 16 th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-34197 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates.
| Apache |
| 289 | HPE Security Advisory. [Published Date: 2026-04-16]
[Id:2026.04.16.004]
details...
On 16th April 2026, HPE published a security advisory to address vulnerabilities in HPE HPE Cray Supercomputing EX420 Compute Blade - versions prior to 1.91.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 290 | AMD Security Advisory. [Published Date: 2026-04-15]
[Id:2026.04.15.001]
details...
On 14th April 2026, AMD published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- AMD EPYC Processors - multiple versions and models
- AMD Ryzen Processors - multiple versions and models
- AMD Ryzen Embedded Processors - multiple versions and models
- AMD EPYC Embedded Processors - multiple versions and models
Review the following advisories and apply the necessary updates:
| AMD |
| 291 | Splunk Security Advisory. [Published Date: 2026-04-15]
[Id:2026.04.15.002]
details...
On 15th April 2026, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Operator for Kubernetes Add-on - versions prior to 3.1.0
- Splunk MCP Server - versions prior to 1.0.3
- Splunk IT Service Intelligence (ITSI) - versions prior to 4.21.2
- Splunk Enterprise - multiple versions
- Splunk Cloud Platform - multiple versions
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 292 | Cisco Security Advisory. [Published Date: 2026-04-15]
[Id:2026.04.15.003]
details...
On 15th April 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Identity Services Engine (ISE) - multiple versions
- Cisco ISE Passive Identity Connector (ISE-PIC) - multiple versions
- Cisco Webex Services (cloud-based, configured to use SSO integration with Control Hub)
Review the following advisories and apply the necessary updates:
| Cisco |
| 293 | Google Chrome Security Advisory. [Published Date: 2026-04-15]
[Id:2026.04.15.004]
details...
On 7th April 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 147.0.7727.101/102 (Windows/Mac) and 147.0.7727.101 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 294 | Samsung Mobile Security Advisory. [Published Date: 2026-04-14]
[Id:2026.04.14.001]
details...
On 7th April 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-APR-2026 Release 1.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 295 | SAP security advisory - April 2026 monthly rollup. [Published Date: 2026-04-14]
[Id:2026.04.14.002]
details...
On 14th April 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP Business Planning and Consolidation and SAP Business Warehouse - versions HANABPC 810, BPC4HANA 300, SAP_BW 750, 752, 753, 754, 755, 756, 757, 758 and 816
- SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) - versions SAP_FIN 618, 720, 730, EA-FIN 617, 700, SAPSCORE 135, S4CORE 102, 103, 104, 105, 106, 107, 108, 109, EA-APPL 600, 602, 603, 604, 605 and 606
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
- SAP Human Capital Management for SAP S/4HANA - versions S4HCMRXX 100, 101, 102, SAP_HRRXX 600, 604 and 608
- SAP Business Analytics and SAP Content Management - versions S4HCMRXX 100, 101, 102, SAP_HRRXX 600, 604 and 608
- SAP S/4HANA OData Service (Manage Reference Equipment) - version S4CORE 109
- SAP S/4HANA Backend OData Service (Manage Reference Structures) - version S4CORE 109
- SAP S/4HANA Frontend OData Service (Manage Reference Structures) - version UIS4H 109
- SAP Supplier Relationship Management (SICF Handler in SRM Catalog) - versions SRM_SERVER 702, 713 and 714
- SAP NetWeaver Application Server Java (Web Dynpro Java) - version WD-RUNTIME 7.50
- SAP NetWeaver Application Server ABAP - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP HANA Cockpit and HANA Database Explorer - version SAP_HANA_COCKPIT 2.0
- SAP S/4HANA (Private Cloud and On-Premise) - versions S4CORE 105, 106, 107, 108, 109, FI-CA 606, 616, 617 and 618
- Material Master Application - versions S4CORE 102, 103, 104, 105, 106, 107, 108, 109, SCM_BASIS 700, SCM_BASIS 701, SCM_BASIS 702, SCM_BASIS 712, SCM_BASIS 713 and SCM_BASIS 714
- SAP S/4HANA OData Service (Manage Technical Object Structures) - version S4CORE 109
- SAP S4CORE (Manage Journal Entries) - versions S4CORE 104, 105, 106, 107 and 108
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
- SAP NetWeaver Application Server ABAP - versions SAP_UI 758 and 816
- SAP Landscape Transformation - versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107, 108 and 109
Review the SAP Security Patch Day - April 2026 and apply the necessary updates. | SAP |
| 296 | Fortinet Security Advisory. [Published Date: 2026-04-14]
[Id:2026.04.14.003]
details...
On 14th April 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiSandbox 5.0 - versions 5.0.0 to 5.0.5
- FortiAnalyzer Cloud 7.6 - versions 7.6.2 to 7.6.4
- FortiManager Cloud 7.6 - versions 7.6.2 to 7.6.4
- FortiDDoS-F 7.2 - versions 7.2.1 to 7.2.2
Review the following advisories and apply the necessary updates:
| Fortinet |
| 297 | Microsoft Security Advisory - April 2026 monthly rollup. [Published Date: 2026-04-14]
[Id:2026.04.14.004]
details...
On 14th April 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure Logic Apps
- Azure Monitor Agent
- Microsoft .NET Framework
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft 365 Apps for Enterprise
- Microsoft Defender Antimalware Platform
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft HPC Pack 2019
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Power Apps
- Microsoft PowerPoint 2016
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022
- Microsoft Visual Studio Code CoPilot Chat Extension
- Office Online Server
- PowerShell
- Remote Desktop client for Windows Desktop
- Windows 10
- Windows 11
- Windows Admin Center
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-32201 has been exploited.
On 14th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32201 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following provided web links and apply the necessary updates:
| Microsoft |
| 298 | Adobe Security Advisory. [Published Date: 2026-04-14]
[Id:2026.04.14.005]
details...
On 14th March 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Acrobat 2024 - version Win: 24.001.30362 and prior, Mac: 24.001.30360 and prior
- Acrobat DC - version 26.001.21411 and prior
- Acrobat Reader DC - version 26.001.21411 and prior
- Adobe Bridge - version 15.1.4 (LTS) and prior, version 16.0.2 and prior
- Adobe Connect Desktop Application - version 2025.3 and prior
- Adobe Connect - version 12.10 and prior
- Adobe DNG Software Development Kit (SDK) - versions DNG SDK 1.7.1 build 2502 and prior
- Adobe Experience Manager (AEM) Screens - version 6.5 Service Pack 24 and prior, version Feature Pack 11.7 and prior
- Adobe FrameMaker - version 2022 Release Update 8 and prior
- Adobe InCopy - version 21.2 and prior, version 20.5.2 and prior
- Adobe InDesign - version ID21.22 and prior, version ID20.5.2 and prior
- ColdFusion 2023 - version Update 18 and prior
- ColdFusion 2025 - version Update 6 and prior
- Illustrator 2025 - version 29.8.5 and prior
- Illustrator 2026 - version 30.2 and prior
- Photoshop 2026 - version 27.4 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 299 | Tenable Security Advisory. [Published Date: 2026-04-14]
[Id:2026.04.14.006]
details...
On 14th April 2026, Tenable released security updates to address vulnerabilities in Tenable Identity Exposure - versions prior to 3.77.17.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 300 | Microsoft Security Advisory - April 2026 Monthly Rollup - Update 1 [Published Date: 2026-04-14]
[Id:2026.04.14.007]
details...
On 14th April 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure Logic Apps
- Azure Monitor Agent
- Microsoft .NET Framework
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft 365 Apps for Enterprise
- Microsoft Defender Antimalware Platform
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft HPC Pack 2019
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Power Apps
- Microsoft PowerPoint 2016
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022
- Microsoft Visual Studio Code CoPilot Chat Extension
- Office Online Server
- PowerShell
- Remote Desktop client for Windows Desktop
- Windows 10
- Windows 11
- Windows Admin Center
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
- Microsoft has received reports that CVE-2026-32201 has been exploited.
On 14 th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32201 to their Known Exploited Vulnerabilities (KEV) Database.
Update 1
Open-source reporting indicates that the CVE-2026-33825 vulnerability is being exploited in the wild.
Review the provided web links and apply the necessary updates.
| Microsoft |
| 301 | Ubuntu Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.001]
details...
Between 6th and 12 April 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 302 | Red Hat Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.002]
details...
Between 6th and 12th April 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 303 | IBM Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.003]
details...
Between 6th March and 12th April 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- DevOps Test Performance - versions 11.0 to 11.0.7
- EDB PGAI - multiple versions and models
- EDB PGAI Databases - version 18.0
- IBM App Connect Operator - multiple versions
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM ApplinX - version 11.1
- IBM Cloud Pak for AIOps - versions 4.1.0 to 4.12.0
- IBM DataPower Gateway - multiple versions and models
- IBM Knowledge Catalog Premium Cartridge - multiple versions
- IBM Planning Analytics Local - versions 2.1.0 to 2.1.18
- IBM OpenAPI SDK Generator (Node.js) - version 5.4.9
- IBM Operations Analytics - Log Analysis - multiple versions
- IBM Storage Defender Copy Data Management - versions 2.2.0.0 to 2.2.28.1
- IBM Storage Sentinel Anomaly Scan Engine - versions 1.1.0 to 1.1.11
- IBM Tivoli Business Service Manager - version 6.2.0
- IBM Tivoli Business Netcool Impact - version 7.1.1
- IBM Tivoli Network Manager IP Edition - versions 4.2 GA to 4.2.0.23
- ITCAM for Transactions - version 7.4.0.2
- Rational Performance Tester - multiple versions
- watsonx.data - version 2.3
- watsonx Code Assistant On Prem - multiple versions
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.6.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 304 | Dell Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.004]
details...
Between 6th and 12th April 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Connectrix Switches and Directors - versions prior to sannav_ova_9x_os_02_2026
- Data Protection Advisor - versions 19.9 to 19.12 SP2
- Dell AX System - multiple versions and models
- Dell Data Protection Central - versions 19.9 to 19.12 with Data Protection Central OS Update prior to dpc-osupdate-1.1.26-1
- Dell EMC Isilon OneFS - versions 8.2.2 and prior
- Dell EMC PowerScale - version 9.0.0
- Dell Integrated System for Microsoft Azure Stack Hub 16G - versions prior to 2603
- Dell Networking OS10 - versions prior to 10.6.1.1
- Dell PowerProtect DP Series Appliance - versions prior to 2.7.9 with Data Protection Central OS Update prior to dpc-osupdate-1.1.26-1
- Dell PowerScale OneFS - multiple versions
- Elastic Cloud Storage - versions prior to 3.8.1.7
- ObjectScale - versions prior to 4.1.0.3 and 4.2.00
- PowerSwitch Z9664F-ON - versions prior to 3.54.5.1-11
- PowerSwitch S5448F-ON - versions prior to 3.54.5.1-14
- PowerSwitch S9664F-ON - versions prior to 3.54.5.1-11
- PowerSwitch E3200-ON - versions prior to 3.57.5.1-6
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 305 | Tenable security advisory - Update 1. [Update Date: 2026-04-13]
[Id:2026.04.13.005]
details...
On 9th April 2026, Tenable published a security advisory to address vulnerabilities in the following product:
- Tenable Security Center - version 6.5.0 to 6.8.0
Update 1
On 13 th April 2026, Tenable updated the affected products reflected above.
Review the provided web links and apply the necessary updates.
| Tenable |
| 306 | Fortinet security advisory - Update 2. [Published Date: 2026-04-13]
[Id:2026.04.13.006]
details...
On 4th April 2026, Fortinet published security advisories to address vulnerabilities in FortiClientEMS 7.4 - version 7.4.5 to 7.4.6.
Update 1
Open-source reporting indicates that CVE-2026-21643 is being exploited in the wild.
Update 2
On 13th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-21643 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Fortinet |
| 307 | Adobe Acrobat Security Advisory - Update 1. [Published Date: 2026-04-13]
[Id:2026.04.13.007]
details...
On 12th April 2026, Adobe published a security advisory to address a critical vulnerability in the following products:
- Acrobat Mac - versions prior to 24.001.30360
- Acrobat Windows - versions prior to 24.001.30362
- Acrobat DC - versions prior to 26.001.21411
- Acrobat Reader DC - versions prior to 26.001.21411
Adobe is aware of CVE-2026-34621 being exploited in the wild.
Update 1
On 13 th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-34621 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Adobe |
| 308 | Microsoft Edge Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.008]
details...
On 10th April 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 147.0.3912.60.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 309 | Red Hat Security Advisory. [Published Date: 2026-04-13]
[Id:2026.04.13.009]
details...
Between 6th and 12th April 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 310 | Google Chrome Security Advisory. [Published Date: 2026-04-10]
[Id:2026.04.10.001]
details...
On 7th April 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 147.0.7727.55/56 (Windows/Mac) and 147.0.7727.55 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 311 | HPE Security Advisory [Published Date: 2026-04-09]
[Id:2026.04.09.001]
details...
On 8th April 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Superdome Flex server - versions prior to v4.10.18
- HPE Superdome Flex 280 server - versions prior to v2.05.12
- HPE Compute Scale-Up Server 3200 Platform - versions prior to v1.60.88
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 312 | Juniper Networks Security Advisory. [Published Date: 2026-04-09]
[Id:2026.04.09.002]
details...
Between 8th and 9th April 2026, Juniper Networks published a security advisory to address a critical vulnerability in the following products:
- Apstra - versions prior to 6.1.1
- JSI vLWC - versions prior to 3.0.94
- Junos OS - versions prior to 21.2R3-S10 on SRX Series
- Junos OS - all 21.3 versions on SRX Series
- Junos OS - 21.4 versions prior to 21.4R3-S12 on SRX Series
- Junos OS - all 22.1 versions on SRX Series
- Junos OS - 22.2 versions prior to 22.2R3-S8 on SRX Series
- Junos OS - all 22.4 versions on SRX Series
- Junos OS - 22.4 versions prior to 22.4R3-S9 on MX Series
- Junos OS - 23.2 versions prior to 23.2R2-S6 on SRX and MX Series
- Junos OS - 23.4 versions prior to 23.4R2-S7 on SRX and MX Series
- Junos OS - 24.2 versions prior to 24.2R2-S3 on SRX Series
- Junos OS - 24.2 versions prior to 24.2R2-S4 on MX Series
- Junos OS - 24.4 versions prior to 24.4R2-S3 on SRX and MX Series
- Junos OS - 25.2 versions prior to 25.2R1-S2, 25.2R2 on SRX and MX Series
- Junos OS - versions prior to 22.4R3-S7
- Junos OS - 23.2 versions prior to 23.2R2-S4
- Junos OS - 23.4 versions prior to 23.4R2-S7
- Junos OS - 24.2 versions prior to 24.2R1-S2, 24.2R2-S4
- Junos OS - 24.4 versions prior to 24.4R1-S2, 24.4R2-S3
- Junos OS - 25.2 versions prior to 25.2R1-S2, 25.2R2
- Junos OS Evolved - versions prior to 21.2R3-S8-EVO
- Junos OS Evolved - 21.4 versions prior to 21.4R3-S7-EVO
- Junos OS Evolved - 22.2 versions prior to 22.2R3-S4-EVO
- Junos OS Evolved - 22.3 versions prior to 22.3R3-S3-EVO
- Junos OS Evolved - 22.4 versions prior to 22.4R3-S2-EVO
- Junos OS Evolved - 23.2 versions prior to 23.2R2-S4-EVO
- Junos OS Evolved - 23.4 versions prior to 23.4R2-S8-EVO
- Junos OS Evolved - 24.2 versions prior to 24.2R2-S4-EVO
- Junos OS Evolved - 24.4 versions prior to 24.4R1-S1-EVO, 24.4R2-S3-EVO
- Junos OS Evolved - 25.2 versions prior to 25.2R1-S2-EVO, 25.2R2-EVO
Review Juniper Networks Security Advisories and apply the necessary updates. | juniper |
| 313 | Qualcomm Security Advisory - April 2026 monthly rollup. [Published Date: 2026-04-09]
[Id:2026.04.09.003]
details...
On 6th April 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin - April and apply the necessary updates.
| Qualcomm |
| 314 | Tenable Security Advisory. [Published Date: 2026-04-09]
[Id:2026.04.09.004]
details...
On 9th April 2026, Tenable released security updates to address vulnerabilities affecting the T Tenable Security Center - version 6.8.0 and prior.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 315 | HPE Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.001]
details...
On 7th April 2026, HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Private 5G Core - version 1.25.3.0 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 316 | GitLab Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.002]
details...
On 8th April 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.10.3, 18.9.5 and 18.8.9
- GitLab Enterprise Edition (EE) - versions prior to 18.10.3, 18.9.5 and 18.8.9
Review the following advisories and apply the necessary updates:
| Gitlab |
| 317 | Apache ActiveMQ Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.003]
details...
On 8th April 2026, Apache published a security advisory to address vulnerabilities in the following products:
- Apache ActiveMQ Broker - versions prior to 5.19.4
- Apache ActiveMQ Broker - 6.0.0 versions prior to 6.2.3
Review the Apache security advisory and apply the necessary updates. | Apache |
| 318 | Palo Alto Networks Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.004]
details...
On 8th April 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- Autonomous Digital Experience Manager 5.11.0 - versions prior to 5.11.4
- Cortex XDR Agent 9.0 - versions prior to 9.0.1 without CU-2120 on Windows
- Cortex XDR Agent 8.9 - versions prior to 8.9.1 without CU-2120 on Windows
- Cortex XDR Agent 8.7-CE - versions prior to 8.7.101-CE without CU-2120 on Windows
- Cortex XDR Agent 8.3-CE - all without CI-2120 on Windows
- Cortex XDR Agent 7.9-CE - all without CI-2120 on Windows
- Cortex XSIAM Microsoft Teams Marketplace 1.5.0 - versions prior to 1.5.52
- Cortex XSOAR Microsoft Teams Marketplace 1.5.0 - versions prior to 1.5.52
- Prisma Browser - versions prior to 145.16.12.110
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 319 | SonicWall Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.005]
details...
On 8th April 2026, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- SMA1000 - version 12.4.3-03245 (platform-hotfix) and prior
- SMA1000 - version 12.5.0-02283 (platform-hotfix) and prior
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 320 | Ivanti Security Advisory - Update 2. [Published Date: 2026-04-08]
[Id:2026.04.08.006]
details...
On 29th January 2026, Ivanti published a security advisory to address critical vulnerabilities in the following product:
- Ivanti Endpoint Manager Mobile (EPMM) - version 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, version 12.5.1.0 and prior and 12.6.1.0 and prior
Update 1
On 29th January 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-1281 to their Known Exploited Vulnerabilities (KEV) Database.
Update 2
On 8th April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-1340 to their Known Exploited Vulnerabilities (KEV) Database.
Ivanti has stated that vulnerabilities CVE-2026-1281 & CVE-2026-1340 have been exploited in the wild.
Review the provided web links and apply the necessary updates.
| Ivanti |
| 321 | OpenSSL Security Advisory. [Published Date: 2026-04-08]
[Id:2026.04.08.007]
details...
On 7th April 2026, OpenSSL published security advisories to address vulnerabilities in the following products:
- OpenSSL - versions 3.6.0 to versions prior to 3.6.2
- OpenSSL - versions 3.5.0 to versions prior to 3.5.6
- OpenSSL - versions 3.4.0 to versions prior to 3.4.5
- OpenSSL - versions 3.3.0 to versions prior to 3.3.7
- OpenSSL - versions 3.0.0 to versions prior to 3.0.20
Review the OpenSSL Security News and apply the necessary updates. | OpenSSL |
| 322 | Fortinet Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.001]
details...
On 4th April 2026, Fortinet published security advisories to address vulnerabilities in FortiClientEMS 7.4 - version 7.4.5 to 7.4.6.
Review the following advisories and apply the necessary updates:
| Fortinet |
| 323 | Android security advisory - April 2026 Monthly Rollup. [Published Date: 2026-04-07]
[Id:2026.04.07.002]
details...
On 6th March 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 324 | Microsoft Edge Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.003]
details...
On 1st April 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 146.0.3856.97.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 325 | IBM Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.004]
details...
Between 30th March and 5th April 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- API Connect V12 OnPrem - versions 12.1.0.0 and 12.1.0.1
- Automation Assets in IBM Cloud Pak for Integration (CP4I) - multiple versions
- DB2 Client and Server - versions 12.1.0 to 12.1.4
- EDB PGAI AI Factory - version 1.3.0.0
- EDB PGAI Analytics Accelarator - version 1.3.0.0
- EDB PGAI Hybrid Data Management - version 1.3.0.
- EDB PostgreSQL with IBM for IBM Cloud Pak for Data - version 5.3.0
- HMC - versions V10.3.1050.0 to V10.3.1063.1
- HMC - versions V11.1.1110.0 to V11.1.1111.4
- IBM App Connect Enterprise Certified Containers Operands - versions 13.0.6.0-r1 to 13.0.6.2-r1
- IBM App Connect Operator - versions 12.19.0 to 12.21.0
- IBM Business Automation Manager Open Editions - versions 9.0.0 to 9.3.1
- IBM Content Navigator - version 3.0.15, 3.1.0 and 3.2.0
- IBM DataPower Gateway - multiple versions
- IBM Guardium Data Security Center Platform On-prem - version 3.8.7
- IBM Guardium Unified Discovery and Classification (GUDC) - versions 1.0.0 to 1.1.0
- IBM Library Support for Spring - versions 3.4, 3.2.19 and 2.7.31
- IBM Maximo Application Suite IoT Component - version 9.1, 9.0, 8.8 and 8.7
- IBM OpenAPI SDK Generator (Node.js) - version 5.4.9
- IBM Process Mining - versions 2.1.0 IF002, 2.1.0 IF001 and 2.1.0
- IBM Rational Build Forge - versions 8.0.0 to 8.0.0.29
- IBM Security Verify Access - versions 10.0 to 10.0.9.1
- IBM Security Verify Access Container - versions 10.0 to 10.0.9.1
- IBM Storage Protect Plus Server - - versions 10.1.0 to 10.1.17
- IBM Tivoli Netcool Impact - versions 7.1.0.0 to 7.1.0.37
- IBM Verify Identity Access - versions 11.0 to 11.0.2
- IBM Verify Identity Access Container - versions 11.0 to 11.0.2
- IBM Verify Identity Access Digital Credentials - versions 24.06 to 25.12
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.6.0
- InfoSphere Information Server - versions 11.7.0.0 to 11.7.1.6
- Maximo AI Service - version 9.1
- Platform Navigator in IBM Cloud Pak for Integration (CP4I) - multiple versions
- UCR IBM DevOps Release - versions 7.0.0 to 7.0.0.6
- UCR IBM UrbanCode Release - versions 6.2.5 to 6.2.5.11
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 326 | Red Hat Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.005]
details...
Between 30th March and 5th April 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 327 | VMware Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.006]
details...
On 2nd April 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu for Postgres - versions prior to 18.3.0
- VMware Tanzu for Postgres - versions prior to 17.9.0
- VMware Tanzu for Postgres - versions prior to 16.13.0
- VMware Tanzu for Postgres - versions prior to 15.17.0
- VMware Tanzu for Postgres - versions prior to 14.22.0
Review the following advisories and apply the necessary updates:
| Vmware |
| 328 | Mozilla Security Advisory. [Published Date: 2026-04-07]
[Id:2026.04.07.007]
details...
On 7th April 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 149.0.2
- Firefox ESR - versions prior to 34.1
- Firefox ESR - versions prior to 9.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 329 | WatchGuard Security Advisory. [Published Date: 2026-04-02]
[Id:2026.04.02.001]
details...
On 1st April 2026, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS 2025-1 - versions 2025.1 to 2026.1.2
- Fireware OS 12.x - versions 12.6.1 to 12.11.8
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 330 | OpenSSH Security Advisory. [Published Date: 2026-04-02]
[Id:2026.04.02.002]
details...
On 2nd April 2026, OpenSSH published a security advisory to address vulnerabilities in OpenSSH - versions prior to 10.3.
Review the following OpenSSH Security Advisory and apply the necessary updates:
| Openssh |
| 331 | Cisco Security Advisory. [Published Date: 2026-04-01]
[Id:2026.04.01.001]
details...
On 1st April 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco NFVIS Release - multiple versions
- Cisco IMC Release - multiple versions
- Cisco Telemetry Broker Appliances - version 6.0(2.260044) (M6) and prior
- IEC6400 Edge Compute Appliances - version 4.3(6.260017) (M6) and prior
- Secure Endpoint Private Cloud Appliances - versions 4.3(2.260007) (M5) and 4.3(6.260017) (M6)
- Secure Firewall Management Center Appliances - versions 4.3(2.260007) (M5) and 4.3(6.260017) (M6)
- Secure Malware Analytics Appliances - versions 4.3(2.260007) (M5) and 4.3(6.260017) (M6)
- Secure Network Analytics Appliances - versions 4.3(2.260007) (M5) and 6.0(2.260044) (M6)
- Secure Network Server Appliances - multiple versions
- Cisco SSM On-Prem Release - version 9-202510 and prior
- Cisco EPNM Release - versions 8.0 and prior, version 8.1 and prior
Review the following advisories and apply the necessary updates:
| Cisco |
| 332 | Drupal Security Advisory. [Published Date: 2026-04-01]
[Id:2026.04.01.002]
details...
On 1st April 2026, Drupal published security advisories to address vulnerabilities in SAML SSO - Service Provider - versions prior to 3.1.4
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 333 | Google Chrome Security Advisory - Update 1. [Published Date: 2026-04-01]
[Id:2026.04.01.003]
details...
On 31st March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.177/178 (Windows/Mac) and 146.0.7680.177 (Linux).
Update 1
On 1st April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-5281 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates when available.
On 31st March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.177/178 (Windows/Mac) and 146.0.7680.177 (Linux).
Update 1
On 1st April 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-5281 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates when available.
| Google |
| 334 | Nymaim or Avalanche-Nymaim Loader Malware Activity Detected in Bangladesh. [Published Date: 2026-04-01]
[Id:2026.04.01.004]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 335 | Axios NPM Package Compromise Deploying RAT Affecting Node.js Environments. [Published Date: 2026-04-01]
[Id:2026.04.01.005]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 336 | Nokia Security Advisory. [Published Date: 2026-03-31]
[Id:2026.03.31.001]
details...
On 30th March 2026, Nokia published a security advisory to address vulnerabilities in Nokia GX G42, GX G31, GX G32, GX G34 - versions prior to GX r9.0.
Review the following advisories and apply the necessary updates:
| Nokia |
| 337 | Symantec Security Advisory. [Published Date: 2026-03-31]
[Id:2026.03.31.002]
details...
On 30th March 2026, Symantec published a security advisory to address vulnerabilities in Symantec Data Loss Prevention (DLP) Windows Endpoint - versions prior to DLP 16.1 MP2 and DLP 25.1 MP1.
Review the Symantec Data Loss Prevention Security Update and apply the required updates. | Others |
| 338 | HPE Security Advisory. [Published Date: 2026-03-31]
[Id:2026.03.31.003]
details...
On 31st March 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Network Function Virtualization Orchestrator - version v7.5.0 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 339 | IBM Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.001]
details...
Between 23rd and 29th March 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Communications Server for AIX - version 6.4
- Communications Server for Data Center Deployment - versions 7.0 to 7.1
- Communications Server for Linux on System z - version 6.4
- Communications Server for Linux - version 6.4
- DataPower Operations Dashboard - versions 1.0.23.1 to 1.0.23.2
- DataStage on Cloud Pak for Data - version 5.3.1
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.23
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.6.2
- IBM App Connect Operator - multiple versions
- IBM CICS TX Standard - version 11.1
- IBM Common Licensing - multiple versions
- IBM DevOps Release - versions 7.0.0 to 7.0.0.5
- IBM Event Endpoint Management - versions 11.0.0 to 11.7.2
- IBM Industry Solutions Workbench - version 5.0.0.0 and 5.1.0.0
- IBM InfoSphere Optim Archive Viewer - versions 11.7 FixPack09 to 11.7 FixPack12
- IBM Knowledge Catalog Standard Cartridge - multiple versions
- IBM MQ Operator - multiple versions
- IBM Security QRadar Log Management AQL Plugin - versions 1.0.0 to 1.1.3
- IBM SPSS Modeler - multiple versions
- IBM Storage Protect Operations Center - version 8.2.0
- IBM WebSphere Automation - versions 1.11.0 to 1.11.1
- IBM supplied MQ Advanced container images - multiple versions
- IBM watsonx Code Assistant On Prem - multiple versions
- IBM webMethods BPM - version 11.1 and 10.15
- InfoSphere Information Server - versions 11.7.0.0 to 11.7.1.6
- SOAR App Host - multiple versions
- Sterling Connect:Direct FTP+ - versions 1.3.0.0 to 1.3.0.3
- UCB - IBM UrbanCode Build - version 6.1.7 to 6.1.7.9
- UCR - IBM UrbanCode Release - versions 6.2.5 to 6.2.5.11
- WebSphere Extreme Scale - version 8.6.1.0 to 8.6.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 340 | Dell Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.002]
details...
Between 23rd and 29th March 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- APEX Cloud Platform for Red Hat OpenShift - multiple versions
- APEX Cloud Platforms Solution Offerings - multiple versions
- APEX - multiple versions
- Dell Secure Connect Gateway Appliance - versions prior to 5.34.00.16
- Dell Storage Monitoring and Reporting - versions prior to 6.0.0.2
- Dell Storage Resource Manager - versions prior to 6.0.0.2
Review the following advisories and apply the necessary updates:
| Dell |
| 341 | Ubuntu Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.003]
details...
Between 23rd and 29th March 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 342 | Red Hat Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.004]
details...
Between 23rd and 29th March 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 343 | Hitachi Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.005]
details...
On 27th March 2026, Hitachi published a security update to address vulnerabilities in the Hitachi Disk Array Systems - multiple versions and models.
Review the following advisories and apply the necessary updates:
| Others |
| 344 | Docker Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.006]
details...
On 30th March 2026, Docker published security updates to address a vulnerability in Docker Desktop - versions prior to 4.67.0.
Review the Docker security bulletins and apply the required updates. | Docker |
| 345 | Roundcube Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.007]
details...
On 29th March 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Webmail - versions prior to 1.6.15
- Webmail - versions prior to 1.5.15
- Webmail - versions prior to 1.7 RC6
Review the following advisories and apply the necessary updates:
| Roundcube |
| 346 | Citrix security advisory - Update 1. [Published Date: 2026-03-30]
[Id:2026.03.30.008]
details...
On 23rd March 2026, Citrix published a security advisory to address critical vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 14.1-60.58
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 13.1-62.23
- NetScaler ADC FIPS and NDcPP - versions prior to 13.1-37.262
Update 1
On 30th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-3055 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and perform the suggested mitigations.
| Citrix |
| 347 | Ubuntu Security Advisory. [Published Date: 2026-03-30]
[Id:2026.03.30.009]
details...
Between 30th March and 5th April 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 348 | FreeBSD Security Advisory. [Published Date: 2026-03-27]
[Id:2026.03.27.001]
details...
Between 25th and 26th March 2026, FreeBSD published security advisories to address vulnerabilities in the following products:
- FreeBSD - version 14.x
- FreeBSD - version 15.0
- FreeBSD - version 13.5
Review the following advisories and apply the necessary updates:
| Others |
| 349 | Microsoft Edge Security Advisory. [Published Date: 2026-03-27]
[Id:2026.03.27.002]
details...
On 26th March 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 146.0.3856.84.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 350 | F5 Security Advisory - Update 1. [Published Date: 2026-03-27]
[Id:2026.03.27.003]
details...
On 15th October, 2025, F5 published a security advisory to address vulnerabilities in the following products:
- BIG-IP (all modules) - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP AFM - version 17.5.0, versions 17.1.0 to 17.1.2, versions 15.1.0 to 15.1.10
- BIG-IP APM - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP APM, APM with SWG, SSL Orchestrator, SSL Orchestrator with SWG - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP ASM - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5
- BIG-IP Advanced WAF/ASM - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP Next CNF - versions 2.0.0 to 2.1.0, versions 1.1.0 to 1.4.1
- BIG-IP Next SPK - versions 2.0.0 to 2.1.0, versions 1.7.0 to 1.9.2
- BIG-IP Next for Kubernetes - versions 2.0.0 to 2.1.0
- BIG-IP PEM - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP SSL Orchestrator - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, versions 15.1.0 to 15.1.10
- F5OS-A - versions 1.8.0 to 1.8.1, versions 1.5.1 to 1.5.3
- F5OS-C - version 1.8.0 to 1.8.1, versions 1.6.0 to 1.6.2
- NGINX App Protect WAF - versions 4.5.0 to 4.6.0
On 15th October 2025, F5 also published security incident K000154696, advising that threat actors exfiltrated files from BIG-IP products and that they are not aware of any active exploitation of undisclosed F5 vulnerabilities.
Update 1
F5 indicates that CVE-2025-53521 has been exploited.
On 27th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-53521 to their Known Exploited Vulnerabilities (KEV) Database.
Review the links provided below to identify F5 BIG-IP products, evaluate and address any potential compromise of any networked, managed interface exposed to the public internet, and apply F5 security updates.
| F5 |
| 351 | Squid Security Advisory. [Published Date: 2026-03-26]
[Id:2026.03.26.001]
details...
On 25th March 2026, Squid published security advisories to address vulnerabilities Squid - versions prior to 7.5.
Review the following advisories and apply the necessary updates:
| Others |
| 352 | HPE Security Advisory. [Published Date: 2026-03-26]
[Id:2026.03.26.002]
details...
On 26th March 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Service Orchestrator - versions prior to v5.5.1.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 353 | Spring Security Advisory. [Published Date: 2026-03-26]
[Id:2026.03.26.003]
details...
On 23rd and 26th March 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring Cloud Config - versions prior to 3.1.3, 4.1.9, 4.2.6, 4.3.2 and 5.0.2
- Spring AI - versions prior to 1.0.5 and 1.1.4
Review the provided web links and apply the necessary updates.
| Others |
| 354 | GitLab Security Advisory. [Published Date: 2026-03-25]
[Id:2026.03.25.001]
details...
On 25 th March 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.10.1, 18.9.3 and 18.8.7
- GitLab Enterprise Edition (EE) - versions prior to 18.10.1, 18.9.3 and 18.8.7
Review the following advisories and apply the necessary updates:
| Gitlab |
| 355 | Node.js security advisory. [Published Date: 2026-03-25]
[Id:2026.03.25.002]
details...
On 25th March 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- Node.js 20 - versions prior to v20.20.2 (LTS)
- Node.js 22 - versions prior to v22.22.2 (LTS)
- Node.js 24 - versions prior to v24.14.1 (LTS)
- Node.js 25 - versions prior to v25.8.2 (Current)
Review the following advisories and apply the necessary updates:
| NodeJS |
| 356 | n8n Security Advisory. [Published Date: 2026-03-25]
[Id:2026.03.25.003]
details...
On 25th March 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (Merge Node) - multiple versions
- n8n (Community Edition) - multiple versions
- n8n (Binary Data Inline HTML Rendering) - multiple versions
- n8n (GSuiteAdmin Node) - multiple versions
- n8n (Form Trigger/Chat Trigger Nodes) - multiple versions
Review the provided n8n Security and apply the necessary updates. | n8n |
| 357 | ISC BIND Security Advisory. [Published Date: 2026-03-25]
[Id:2026.03.25.004]
details...
On 25th March 2026, ISC published security advisories to address vulnerabilities in the following products:
- ISC BIND 9 - versions 9.11.0 to 9.16.50
- ISC BIND 9 - versions 9.18.0 to 9.18.46
- ISC BIND 9 - versions 9.20.0 to 9.20.20
- ISC BIND 9 - versions 9.21.0 to 9.21.19
- BIND Supported Preview Edition - versions 9.11.3-S1 to 9.16.50-S1
- BIND Supported Preview Edition - versions 9.18.11-S1 to 9.18.46-S1
- BIND Supported Preview Edition - versions 9.20.9-S1 to 9.20.20-S1
Review the following advisories and apply the necessary updates:
| ISC |
| 358 | Cisco Security Advisory. [Published Date: 2026-03-25]
[Id:2026.03.25.005]
details...
On 25th March 2024, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Catalyst 9300 Series Switches
- Cisco Catalyst 9200 Series Switches
- Cisco Catalyst 9000 Series Switches
- Cisco Catalyst ESS9300 Embedded Series Switches
- Cisco IOS Software
- Cisco IOS XE Software
- Cisco Secure Firewall ASA Software
- Cisco Secure FTD Software
- Cisco Catalyst IE9310 and IE9320 Rugged Series Switches
- Cisco IE3500 and IE3505 Rugged Series Switches
- Cisco Catalyst CW9800H Wireless Controllers
- Cisco Catalyst CW9800M Wireless Controllers
- Cisco Catalyst CW9800H1 Wireless Controllers
- Cisco Meraki MS390
- Cisco Catalyst SD-WAN Manager
Review the following advisories and apply the necessary updates:
| Cisco |
| 359 | Google Chrome Security Advisory. [Published Date: 2026-03-24]
[Id:2026.03.24.001]
details...
On 23rd March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.164/165 (Windows/Mac) and 146.0.7680.164 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 360 | Mozilla Security Advisory. [Published Date: 2026-03-24]
[Id:2026.03.24.002]
details...
On 24th March 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 149
- Firefox ESR - versions prior to 115.34
- Firefox ESR - versions prior to 140.9
Review the following advisories and apply the necessary updates:
| Mozilla |
| 361 | VMware Security Advisory. [Published Date: 2026-03-24]
[Id:2026.03.24.003]
details...
On 24th March 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu for Postgres - versions prior to 18.3.0
- VMware Tanzu for Postgres - versions prior to 17.9.0
- VMware Tanzu for Postgres - versions prior to 16.13.0
- VMware Tanzu for Postgres - versions prior to 15.17.0
- VMware Tanzu for Postgres - versions prior to 14.22.0
Review the following advisories and apply the necessary updates:
| Vmware |
| 362 | F5 Security Advisory. [Published Date: 2026-03-24]
[Id:2026.03.24.004]
details...
On 24th March 2026, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- NGINX Plus - versions R32 to R36
- NGINX Open Source - versions 1.0.0 to 1.29.6 and 0.5.13 to 0.9.7
Review the Out-of-band Security Notification (24th March, 2026) and apply the necessary updates. | F5 |
| 363 | Apple Security Advisory. [Published Date: 2026-03-24]
[Id:2026.03.24.005]
details...
On 24th March 2026, Apple published a security update to address vulnerabilities in the following products:
- iOS - versions prior to 18.7.7 and versions prior to 26.4
- iPadOS - versions prior to 18.7.7 and versions prior to 26.4
- macOS Sequoia - versions prior to 15.7.5
- macOS Sonoma - versions prior to 14.8.5
- macOS Tahoe - versions prior to 26.4
- tvOS - versions prior to 26.4
- visionOS - versions prior to 26.4
- watchOS - versions prior to 26.4
Review the provided Apple Security Advisory and apply the necessary updates.
| Apple |
| 364 | Exposure of End-of-Life Microsoft IIS Servers in Bangladesh. [Published Date: 2026-03-24]
[Id:2026.03.24.006]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 365 | IBM Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.001]
details...
Between 16th and 22nd March 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.6.1
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.23
- IBM Application Modernization Accelerator - versions 4.0.0 to 4.5.2
- IBM Cloud Pak for Business Automation - versions V24.0.0 to V24.0.0-IF007
- IBM Control Center - multiple versions
- IBM Informix Dynamic Server - version 12.10.x
- IBM Maximo Application Suite - Visual Inspection Component - version 9.1.x
- IBM Observability with Instana (OnPrem) - versions Build 1.0.285 to 1.0.311
- IBM Rhapsody Systems Engineering - versions 1.5.0 to 1.5.4 and 1.6.0
- IBM Sterling Connect:Direct for UNIX - versions 6.3.0.3 to 6.3.0.6.iFix032
- IBM Sterling Connect:Direct for UNIX - versions 6.4.0.0 to 6.4.0.4.iFix016
- IBM Sterling ITXA (fka Standards Processing Engine) - versions Transformation Extender Advanced 10.0.1.0 to 10.0.1.11
- IBM Sterling ITXA (fka Standards Processing Engine) - versions Transformation Extender Advanced 10.0.2.0 to 10.0.2.1
- IBM Transformation Advisor - versions 2.0.1 to 4.5.2
- IBM i - multiple versions
- IBM watsonx Code Assistant On Prem - multiple versions
- QRadar - versions 7.5.0 to 7.5.0 UP14 IF05
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 366 | Dell Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.002]
details...
Between 16th and 22nd March 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Policy Manager for Secure Connect Gateway - Appliance - versions prior to 5.32.00.18
- NetWorker - version 19.14
- NetWorker - versions 19.9 to 19.13.0.2
- PowerSwitch Z9664F-ON - versions prior to 3.54.5.1-11
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 367 | Ubuntu Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.003]
details...
Between 16th and 22nd March 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 368 | Red Hat Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.004]
details...
Between 16th and 22nd March 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 369 | Citrix Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.005]
details...
On 23rd March 2026, Citrix published security advisories to address vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 14.1-66.59
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 13.1-62.23
- NetScaler ADC FIPS and NDcPP - versions prior to 13.1-37.262
Review the following advisories and apply the necessary updates:
| Citrix |
| 370 | Microsoft Edge Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.006]
details...
On 20th March 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 146.0.3856.72.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 371 | VMware Security Advisory. [Published Date: 2026-03-23]
[Id:2026.03.23.007]
details...
On 20th March 2026, VMware published security advisories to address vulnerabilities in multiple Tanzu products.
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 372 | Oracle Security Advisory. [Published Date: 2026-03-20]
[Id:2026.03.20.001]
details...
On 19th March 2026, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Oracle Identity Manager - versions 12.2.1.4.0 and 14.1.2.1.0
- Oracle Web Services Manager - versions 12.2.1.4.0 and 14.1.2.1.0
Review the following Oracle Security Advisory and apply the necessary updates:
| Oracle |
| 373 | Apple Security Advisory – Update 1. [Published Date: 2026-03-20]
[Id:2026.03.20.002]
details...
On 29th July 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 18.6
- iPadOS - versions prior to 17.7.9
- macOS Sequoia - versions prior to 15.6
- macOS Sonoma - versions prior to 14.7.7
- macOS Ventura - versions prior to 13.7.7
- tvOS - versions prior to 18.6
- visionOS - versions prior to 2.6
- watchOS - versions prior to 11.6
Update 1
On 20th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-31277 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Apple |
| 374 | Apple Security Advisory – Update 1 [Published Date: 2026-03-20]
[Id:2026.03.20.003]
details...
On 3rd November 2025, Apple published security updates to address vulnerabilities in the following products:
- Safari - versions prior to 26.1
- Xcode - versions prior to 26.1
- iOS and iPadOS - versions prior to 26.1
- macOS Sequoia - versions prior to 15.7.2
- macOS Sonoma - versions prior to 14.8.2
- macOS Tahoe - versions prior to 26.1
- tvOS - versions prior to 26.1
- visionOS - versions prior to 26.1
- watchOS - versions prior to 26.1
Update 1
On 20th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-43510 and CVE-2025-43520 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Apple |
| 375 | Spring Security Advisory. [Published Date: 2026-03-19]
[Id:2026.03.19.001]
details...
On 19th March 2026, Spring published security advisories to address vulnerabilities in the following product:
- Spring Boot - multiple versions
- Spring Security - multiple versions
Review the provided web links and apply the necessary updates.
| Others |
| 376 | Kubernetes Security Advisory. [Published Date: 2026-03-19]
[Id:2026.03.19.002]
details...
On 19th March 2026, Kubernetes published security advisories to address vulnerabilities in the following products:
- Kubernetes ingress-nginx - versions prior to 1.13.9
- Kubernetes ingress-nginx - versions prior to 1.14.5
- Kubernetes ingress-nginx - versions prior to 1.15.1
Review the provided web links and apply the necessary updates.
| Kubernetes |
| 377 | Apple Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.001]
details...
On 17th March 2026, Apple published a security update to address vulnerabilities in the following products:
- iOS - versions prior to 26.3.1
- iPadOS - versions prior to 26.3.1
- macOS - versions prior to 26.3.1
- macOS - versions prior to 26.3.2
Review the provided web links and apply the necessary updates.
| Apple |
| 378 | GNU Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.002]
details...
On 11th March 2026, GNU published a security advisory to address a vulnerability in GNU InetUtils telnetd - versions 2.7 and prior.
Review the following provided web link and apply the necessary updates when available.
| GNU |
| 379 | GNU Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.003]
details...
On 11th March 2026, GNU published a security advisory to address a vulnerability in GNU InetUtils telnetd - versions 2.7 and prior.
Review the following provided web link and apply the necessary updates when available.
| GNU |
| 380 | Atlassian Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.004]
details...
On 17th March 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server- version 9.4.16 (LTS), versions 10.1.1 to 10.1.4
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Fisheye/Crucible - version 4.8.16, versions 4.9.0 to 4.9.7
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 381 | Citrix Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.005]
details...
On 18th March 2026, Citrix published a security Advisory to address a vulnerability in XenServer - version 8.4.
Review the following advisories and apply the necessary updates:
| Citrix |
| 382 | Roundcube Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.006]
details...
On 18th March 2026, Roundcube published security advisories to address vulnerabilities in the following products:
- Webmail - versions prior to 1.6.14
- Webmail - versions prior to 1.5.14
Review the following advisories and apply the necessary updates:
| Roundcube |
| 383 | Jenkins Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.007]
details...
On 18th March 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Jenkins weekly - version 2.554 and prior
- Jenkins LTS - versions 2.541.2 and prior
- LoadNinja Plugin - versions 2.1 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 384 | Google Chrome Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.008]
details...
p class="x_MsoNormal">On 18th March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.153/154 (Windows/Mac) and 146.0.7680.153 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 385 | Microsoft Security Advisory – January 2026 monthly rollup – Update 2. [Published Date: 2026-03-18]
[Id:2026.03.18.009]
details...
On 13th January, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- Azure Connected Machine Agent
- Azure Core shared client library for Python
- Microsoft 365 Apps for Enterprise
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office Deployment Tool
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Word 2016
- Office Online Server
- Windows 10
- Windows 11
- Windows Admin Center in Azure Portal
- Windows SDK
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Update 1 On 26th January, 2026, Microsoft published an out-of-band security advisory to address an important vulnerability CVE-2026-21509.
As well, on 26th January, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-21509 to their Known Exploited Vulnerabilities (KEV) Database.
Microsoft has received reports that CVE-2026-20805 and CVE-2026-21509 are being exploited.
Update 2 On 18th March, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20963 to their Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links and apply the necessary updates.
| Microsoft |
| 386 | VMware Security Advisory. [Published Date: 2026-03-18]
[Id:2026.03.18.010]
details...
On 20th March 2026, VMware published security advisories to address vulnerabilities in multiple Tanzu products.
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 387 | Spring Security Advisory. [Published Date: 2026-03-17]
[Id:2026.03.17.001]
details...
On 17th March 2026, Spring published security advisories to address vulnerabilities in the following product:
- Spring AI - 1.0.x versions prior to 1.0.4
- Spring AI - 1.1.x versions prior to 1.1.3
Review the provided web links and apply the necessary updates.
| Others |
| 388 | GitHub Security Advisory [Published Date: 2026-03-17]
[Id:2026.03.17.002]
details...
On 12th March 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.4
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.7
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.13
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.16
Review the following advisories and apply the necessary updates:
| Github |
| 389 | ConnectWise Security Advisory. [Published Date: 2026-03-17]
[Id:2026.03.17.003]
details...
On 17th March 2026, ConnectWise published a security update to address vulnerabilities in ConnectWise ScreenConnect - versions prior to 26.1.
Review the following ConnectWise Security Advisory and apply the necessary updates:
| ConnectWise |
| 390 | IBM Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.001]
details...
Between 9th and 15th March 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Cloudera Data Platform Private Cloud Base with IBM (CDP) - version 7.1.9
- Cloudera Data Platform Private Cloud Base with IBM (CDP) - version 7.3.1
- ELM on Hybrid Cloud - versions 1.2.0, 1.1.0 and 1.0.0
- IBM AIX - versions 7.2 and 7.3
- IBM CICS Transaction Gateway Desktop Edition - multiple versions
- IBM CICS Transaction Gateway for Multiplatforms - multiple versions
- IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
- IBM Knowledge Catalog Premium Cartridge - multiple versions
- IBM Library Support for Struts - version 1.2
- IBM MQ (LTS/CD) - multiple versions
- IBM Maximo Application Suite - Visual Inspection Component - multiple versions
- IBM Observability with Instana (Agent) - versions Build 1.0.303 to 1.0.313
- IBM Security SOAR - multiple versions
- IBM Security Verify Directory (Container) - versions 10.0.0 to 10.0.4
- IBM Sterling Connect:Direct File Agent - versions 1.4.0.3 to 1.4.0.5_iFix005 with bundled JRE on AIX, Linux x64, Linux PPC and Windows
- IBM Sterling Connect:Direct for Microsoft Windows - versions 6.3.0.3 to 6.3.0.6_iFix038
- IBM Sterling Connect:Direct for Microsoft Windows - versions 6.4.0.0 to 6.4.0.4_iFix009
- IBM Sterling Partner Engagement Manager (Essentials Edition/Standard Edition) - versions 6.2.3.0 to 6.2.3.5, versions 6.2.4.0 to 6.2.4.2
- IBM Verify Directory (Container) - version 11.0.0.0
- IBM Verify Identity Governance (ISVG) - version ISVG 10.0.2
- IBM Verify Identity Governance (IVIG) - version IVIG 11.0.0
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 5.0.0 to 5.3
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component - versions 5.1.0 to 5.2.1
- IBM - VIOS versions 3.1 and 4.1
- QRadar Suite Software - versions 1.10.12.0 to 1.11.8.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 391 | Dell Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.002]
details...
Between 9th and 15th March 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Gen5A - versions prior to 2.25.0 and 24.0.0
- Dell Connectrix B-Series FOS and SANnav - multiple versions
- Dell Connectrix B-Series SANnav - versions prior to 2.4.0a and 3.0.0
- PowerSwitch E3200-ON Series - versions prior to 3.57.5.1-6
- PowerSwitch Z9664F-ON - versions prior to 3.54.5.1-11
- Secure Connect Gateway-Appliance - versions between v5.28.00.00 and v5.32.00.00
- Secure Connect Gateway-Application - versions between v5.28.00.00 and v5.32.00.00
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 392 | Ubuntu Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.003]
details...
Between 9th and 15th March 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 393 | Google Chrome Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.004]
details...
On 13th March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.80 (Windows/Mac) and 146.0.7680.80 (Linux).
Review the Google security bulletins and apply the required updates.
| Google |
| 394 | Red Hat Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.005]
details...
Between 9th and 15th March 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 395 | Microsoft Edge Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.006]
details...
On 13th March 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 46.0.3856.59.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 396 | HPE Security Advisory. [Published Date: 2026-03-16]
[Id:2026.03.16.007]
details...
On 16th March 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Service Orchestrator - versions prior to v4.2.12.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 397 | Cyber Security Alert During Long Holiday [Published Date: 2026-03-15]
[Id:2026.03.15.001]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 398 | Google Chrome Security Advisory - Update 1. [Published Date: 2026-03-13]
[Id:2026.03.13.001]
details...
On 12th March, 2026, Google published a security advisory to address vulnerabilities in the following product:
- Stable Channel Chrome for Desktop - versions prior to 146.0.7680.75/76 (Windows/Mac) and 146.0.7680.75 (Linux)
Google is aware that exploits for CVE-2026-3909 and CVE-2026-3910 are in the wild.
Update 1
On 13th March, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-3909 and CVE-2026-3910 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates when available.
| Google |
| 399 | Splunk Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.001]
details...
On 11th March 2026, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - multiple versions
- Splunk Cloud Platform - multiple versions
- Splunk AppDynamics On-Premises Enterprise Console - versions prior to 26.1.1
- Splunk AppDynamics Machine Agent - versions prior to 26.1.0
- Splunk AppDynamics Private Synthetic Agent - versions prior to 26.1.0
- Splunk AppDynamics Java Agent - versions prior to 26.1.0
- Splunk AppDynamics NodeJS Agent - versions prior to 25.12.1
- Splunk AppDynamics Database Agent - versions prior to 26.1.0
- Splunk AppDynamics Analytics Agent - versions prior to 26.1.0
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 400 | Palo Alto Networks Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.002]
details...
On 11th March 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- Cortex XDR Broker VM 30.0.0&bsp;- versions prior to 30.0.49
- Cortex XDR Agent 8.7-CE&bsp;- versions prior to 8.7.101-CE on macOS
- Cortex XDR Agent 8.3-CE&bsp;- versions prior to 8.3.102-CE on macOS
- Prisma Browser - versions prior to 145.7.9.76
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 401 | Veeam Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.003]
details...
On 12th March 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Veeam Backup & Replication - 12 versions prior to 12.3.2.4165
- Veeam Backup & Replication - 13 versions prior to 13.0.1.2067
Review the following advisories and apply the necessary updates:
| Veeam |
| 402 | GitHub Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.004]
details...
On 12th March 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.3
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.6
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.12
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.15
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.19
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.24
Review the following advisories and apply the necessary updates:
| Github |
| 403 | Zoom Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.005]
details...
On 10th March 2026, Zoom published a security advisory to address vulnerabilities in the following products:
- Zoom Meeting SDK for Windows - versions prior to 6.6.11
- Zoom Rooms for Windows - versions prior to 6.6.5
- Zoom Workplace for Windows - versions prior to 6.6.11
- Zoom Workplace VDI Client for Windows - versions prior to 6.4.17, 6.5.15 and 6.6.10
Review the following advisories and apply the necessary updates:
| Zoom |
| 404 | Apple Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.006]
details...
On 11th March 2026, Apple published security updates to address vulnerabilities in the following products:
- iOS - versions prior to 16.7.15
- iPadOS - versions prior to 16.7.15
- iOS - versions prior to 15.8.7
- iPadOS - versions prior to 15.8.7
Review the provided Apple Security Advisory and apply the necessary updates.
| Apple |
| 405 | HPE Security Advisory. [Published Date: 2026-03-12]
[Id:2026.03.12.007]
details...
On 12th March 2026, HPE published a security advisory to address vulnerabilities in HPE Compute Scale-up Server 3200 - versions prior to v1.70.74
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 406 | Intel Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.001]
details...
On 11th March 2026, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 407 | Google Chrome Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.002]
details...
On 10th March 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 146.0.7680.71/72 (Windows/Mac) and 1 46.0.7680.71 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 408 | VMware Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.003]
details...
On 11th March 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu Valkey on Kubernetes - version 3.3.2
- VMware Tanzu Valkey - version 7.2.11
- VMware Tanzu Valkey - version 8.0.6
- VMware Tanzu Valkey - version 8.1.5
- VMware Tanzu Valkey - version 9.0.2
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 409 | GitLab Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.004]
details...
On 11th March 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.9.2, 18.8.6 and 18.7.6
- GitLab Enterprise Edition (EE) - versions prior to 18.9.2, 18.8.6 and 18.7.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 410 | Cisco Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.005]
details...
On 11th March 2024, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco NCS 5700 Series line cards - multiple versions
- Cisco NCS 5700 Series Fixed Chassis - multiple versions
- Cisco IOS XR Software - multiple versions
- Cisco Unified Intelligence Center - all versions
- Cisco Finesse - all versions
- Cisco Packaged CCE - all versions
- Cisco Unified CCE - all versions
- Cisco Unified CCX - all versions
Review the following advisories and apply the necessary updates:
| Cisco |
| 411 | HPE Security Advisory [Published Date: 2026-03-11]
[Id:2026.03.11.006]
details...
On 11th March 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE ProLiant DL/ML/XD/XL Servers - multiple versions
- HPE Alletra Servers - multiple versions
- HPE Apollo Servers - multiple versions
- HPE Synergy Servers - multiple versions
- HPE Microserver Servers - multiple versions
- HPE Edgeline Servers - multiple versions
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 412 | Drupal Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.007]
details...
On 11th March 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Unpublished Node Permissions - versions prior to 1.7.0
- AI (Artificial Intelligence) - versions prior to 1.1.11 and 1.2.x versions prior to 1.2.12
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 413 | JetBrains Security Advisory. [Published Date: 2026-03-11]
[Id:2026.03.11.008]
details...
On 11th March 2026, JetBrains published security advisories to address vulnerabilities JetBrains Hub - versions prior to 2026.1.
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 414 | n8n Security Advisory - Update 1. [Published Date: 2026-03-11]
[Id:2026.03.11.009]
details...
On 19th December, 2025, n8n published a security update to address a critical vulnerability in n8n workflow automation – versions 0.211.0 to versions prior to 1.120.4.
Update 1
On 11th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-68613 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following n8n Security Advisory and apply the necessary updates.
| n8n |
| 415 | Cisco Security Advisory – Update 2. [Published Date: 2026-03-11]
[Id:2026.03.11.010]
details...
On 4th March, 2026, Cisco published security advisories to address vulnerabilities in the following products. Included were critical updates for the following:
- Cisco Security Cloud Control (SCC) Firewall Management - all versions
- Cisco Secure Firewall Management Center (FMC) - all versions
- Cisco Secure Firewall Adaptive Security Appliance (ASA) - versions prior to 9.20.4.14
- Cisco Secure Firewall Threat Defense (FTD) - all versions
Update 1
On 18th March, 2026, Cisco stated that CVE-2026-20131 is being actively exploited.
Update 2 On 19th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20131 to its Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links, implement the recommended actions, and apply the necessary updates when available.
| Cisco |
| 416 | Kubernetes Security Advisory. [Published Date: 2026-03-10]
[Id:2026.03.10.002]
details...
On 9th March 2026, Kubernetes published security advisories to address vulnerabilities in the following products:
- Kubernetes ingress-nginx - versions prior to 1.13.8
- Kubernetes ingress-nginx - versions prior to 1.14.4
- Kubernetes ingress-nginx - versions prior to 1.15.0
Review the Kubernetes Security Advisory and apply the necessary updates. | Kubernetes |
| 417 | SAP security advisory - March 2026 monthly rollup. [Published Date: 2026-03-10]
[Id:2026.03.10.003]
details...
On 9th March 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver Enterprise Portal Administration - version EP-RUNTIME 7.50
- SAP Quotation Management Insurance Application (FS-QUO) - version FS-QUO 800
- SAP Supply Chain Management - multiple versions
Review the provided web links, perform the suggested mitigations, and apply the necessary updates.
| SAP |
| 418 | Mozilla Security Advisory. [Published Date: 2026-03-10]
[Id:2026.03.10.004]
details...
On 9th March 2026, Mozilla published security advisories to address vulnerabilities in Firefox versions prior to 148.0.2.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 419 | Microsoft Security Advisory - March 2026 monthly rollup. [Published Date: 2026-03-10]
[Id:2026.03.10.005]
details...
On 10th March 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- ASP.NET Core 10.0
- ASP.NET Core 8.0
- ASP.NET Core 9.0
- .NET 10.0
- .NET 9.0
- Azure AD SSH Login extension for Linux
- Azure Automation Hybrid Worker Windows Extension
- Azure ARC Enabled Servers - Azure Connected Machine Agent
- Azure IoT Explorer
- Azure Linux Virtual Machines with Azure Diagnostics extension
- Azure MCP Server Tools
- Azure Windows Extension
- GitHub Repo: Zero Shot scFoundation
- Microsoft 365
- Microsoft ACI Confidential Containers
- Microsoft Authenticator for Android
- Microsoft Authenticator for IOS
- Microsoft.Bcl.Memory 10.0
- Microsoft.Bcl.Memory 9.0
- Microsoft Devices Pricing Program
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office for Android
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for MAC 2021
- Microsoft Office LTSC for MAC 2024
- Microsoft Office Online Server
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft SQL Server 2025, 2022, 2019, 2017 and 2016
- Office Online Server
- Payment Orchestrator Service
- System Center Operations Manager 2019, 2022 and 2025
- Windows 10
- Windows 11
- Windows Admin Center in Azure Portal
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 420 | Ivanti Security Advisory. [Published Date: 2026-03-10]
[Id:2026.03.10.006]
details...
On 9th March 2026, Ivanti published a security advisory to address a vulnerability in Ivanti Desktop and Server Management (DSM) versions 2026.1 and prior.
Review the following advisories and apply the necessary updates:
| Ivanti |
| 421 | Adobe Security Advisory. [Published Date: 2026-03-10]
[Id:2026.03.10.007]
details...
On 10th March 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Commerce - multiple versions
- Adobe Commerce B2B - multiple versions
- Magento Open Source - multiple versions
- Illustrator 2025 - version 29.8.4 and prior
- Illustrator 2025 - version 30.1 and prior
- Adobe Substance 3D Painter - version 11.1.2 and prior
- Acrobat DC - version 25.001.21265 and prior
- Acrobat Reader DC - version 25.001.21265 and prior
- Acrobat 2024 (Win) - version 24.001.30307 and prior
- Acrobat 2024 (Mac) - version 24.001.30308 and prior
- Adobe Premiere Pro - version 25.5 and prior
- Adobe Experience Manager (AEM) - version AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) - versions 6.5 LTS SP1 and 6.5.SP23 and prior
- Adobe Substance 3D Stager - version 3.1.7 and prior
- Adobe DNG Software Development Kit (SDK) - version DNG SDK 1.7.1 build 2471 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 422 | Fortinet Security Advisory. [Published Date: 2026-03-10]
[Id:2026.03.10.008]
details...
On 10th March 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiClientLinux 7.4 - versions 7.4.0 to 7.4.4
- FortiClientLinux 7.2 - versions 7.2.2 to 7.2.12
- FortiManager 7.4 - versions 7.4.0 to 7.4.2
- FortiManager 7.2 - versions 7.2.0 to 7.2.10
- FortiManager 6.4 - all versions
- FortiSwitchAXFixed 1.0 - versions 1.0.0 to 1.0.1
- FortiWeb 8.0 - versions 8.0.0 to 8.0.2
- FortiWeb 7.6 - versions 7.6.0 to 7.6.5
- FortiWeb 7.4 - versions 7.4.0 to 7.4.10
- FortiWeb 7.2 - versions 7.2.0 to 7.2.11
- FortiWeb 7.0 - versions 7.0.0 to 7.0.11
Review the Fortinet Security Advisories and apply the necessary updates. | Fortinet |
| 423 | HPE Security Advisory [Published Date: 2026-03-10]
[Id:2026.03.10.009]
details...
On 9th March 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Aruba Networking AOS-CS - multiple versions
- HPE Telco Intelligent Assurance - versions prior to FAS 4.2.14
- HPE Telco Intelligent Assurance - versions prior to PDO 4.2.14
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 424 | SolarWinds security advisory - Update 1. [Published Date: 2026-03-10]
[Id:2026.03.10.010]
details...
On 17th September 2025, SolarWinds published a security advisory to address critical vulnerabilities in the SolarWinds Web Help Desk - version 12.8.7 and prior.
Update 1
On 9th March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-26399 to its Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
| Solarwinds |
| 425 | IBM Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.001]
details...
Between 3rd and 8th March 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Cloudera Data Platform Private Cloud Base with IBM (CDP) - version 7.1.9 and 7.3.1
- DS8A00 (R10.0-R10.1) - versions 10.1.3.0 to 10.10.106.1
- DS8900F (R9.4) - versions 89.40.83.0 to 89.44.5.0
- IBM API Connect - versions V10.0.8.0 to 10.0.8.6
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM App Connect Operator - multiple versions
- IBM DB2 Data Management Console - versions 3.1.11 and 3.1.12
- IBM DevOps Build - versions 7.0.0 to 7.1.0.1
- IBM Engineering Requirements Management DOORS and DOORS Web Access - versions 9.7.2.1 to 9.7.2.10, versions 9.6.1.1 to 9.6.1.13
- IBM Observability with Instana (Agent) - versions Build 1.0.301 to 1.0.312
- IBM Tivoli Netcool/OMNIbus GUI - version 8.1.0
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.4.0
- IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - multiple versions
- InfoSphere Data Architect - versions 9.0.0 and 9.2.1
- UCB - IBM UrbanCode Build - versions 6.1.7 to 6.1.7.10
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 426 | Ubuntu Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.002]
details...
Between 3rd and 8th March 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 427 | Red Hat Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.003]
details...
Between 3rd and 8th March 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 428 | Dell Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.004]
details...
Between 3rd and 8th March 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell NetWorker - version 8.0.27
- Dell NetWorker - versions prior to 17.0.4
- Dell PowerScale F210/ F710/F910/PA110 - versions prior to 13.2.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 429 | Microsoft Edge Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.005]
details...
On 6th March 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 145.0.3800.97.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 430 | Mozilla Security Advisory. [Published Date: 2026-03-09]
[Id:2026.03.09.006]
details...
On 2nd March 2026, Mozilla published security advisories to address vulnerabilities in Focus for iOS - versions prior to 148.2.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 431 | Ivanti Security Advisory - Update 1. [Published Date: 2026-03-09]
[Id:2026.03.09.007]
details...
On 9th February, 2026, Ivanti published a security advisory to address vulnerabilities in the Ivanti Endpoint Manager (EPM) - version 2024 SU4 SR1 and prior.
Update 1
On 9th March, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-1603 to its Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.
| Ivanti |
| 432 | OpenText Security Advisory. [Published Date: 2026-03-05]
[Id:2026.03.05.001]
details...
On 27th February 2026, OpenText released security updates to address multiple vulnerabilities affecting Filr, up to version 25.1.2.
Review the OpenText security bulletins and apply the required updates. | Others |
| 433 | Google Chrome Security Advisory. [Published Date: 2026-03-04]
[Id:2026.03.04.001]
details...
On 23rd February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.159/160 (Windows/Mac) and 145.0.7632.159 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 434 | Tenable Security Advisory. [Published Date: 2026-03-04]
[Id:2026.03.04.002]
details...
On 3rd March 2026, Tenable published a security advisory to address vulnerabilities in the following products:
- Nessus Manager - version 10.10.2 and prior
- Nessus Manager - versions 10.11.0 to 10.11.2
Review the following advisories and apply the necessary updates:
| Tenable |
| 435 | HPE Security Advisory. [Published Date: 2026-03-04]
[Id:2026.03.04.003]
details...
On 4th March 2026, HPE published a security advisory to address vulnerabilities in HPE Aruba Networking - multiple versions and models.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 436 | Cisco Security Advisory. [Published Date: 2026-03-04]
[Id:2026.03.04.004]
details...
On 4th March 2024, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Security Cloud Control (SCC) Firewall Management - all versions
- Cisco Secure Firewall Management Center (FMC) - all versions
Review the following advisories and apply the necessary updates:
| Cisco |
| 437 | Drupal Security Advisory. [Published Date: 2026-03-04]
[Id:2026.03.04.005]
details...
On 4th March 2026, Drupal published security advisories to address vulnerabilities in the following products:
- File Access Fix (deprecated) - versions prior to 1.2.0
- AJAX Dashboard - versions prior to 3.1.0
- Calculation Fields - versions prior to 1.0.4
- Google Analytics GA4 - versions prior to 1.1.13
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 438 | WatchGuard Security Advisory. [Published Date: 2026-03-03]
[Id:2026.03.03.001]
details...
On 3rd March 2026, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS - versions prior to 11.12.4_Update1
- Fireware OS - versions prior to 12.11.8
- Fireware OS - versions prior to 2026.1.2
- Fireware OS - versions prior to 12.5.17
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 439 | Samsung Mobile Security Advisory. [Published Date: 2026-03-03]
[Id:2026.03.03.002]
details...
On 3rd March 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-MAR-2026.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 440 | Django security advisory. [Published Date: 2026-03-03]
[Id:2026.03.03.003]
details...
On 3rd March 2026, Django published security advisories addressing vulnerabilities across multiple products. Included were updates for the following:
- Django 4.2 - versions prior to 4.2.29
- Django 5.2 - versions prior to 5.2.12
- Django 6.0 - versions prior to 6.0.3
Review the Django Security Advisory and apply the necessary updates. | Django |
| 441 | VMware security advisory - Update 1. [Published Date: 2026-03-03]
[Id:2026.03.03.004]
details...
On 24th February 2026, VMware published security advisories to address vulnerabilities in the following products:
Update 1
On 3rd March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-22719 to their Known Exploited Vulnerabilities (KEV) Database.
- VMware Cloud Foundation - versions prior to 9.0.2.0
- VMware vSphere Foundation - versions prior to 9.0.2.0
- VMware Aria Operations - versions prior to 8.18.6
Review the provided web link and apply the necessary updates.
| Vmware |
| 442 | Qualcomm security advisory - March 2026 monthly rollup - Update 1. [Published Date: 2026-03-03]
[Id:2026.03.03.005]
details...
On 2nd March 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Update 1
On 3rd March 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-21385 to its Known Exploited Vulnerabilities (KEV) Database.
Review the provided web link and apply the necessary updates.
| Qualcomm |
| 443 | IBM Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.001]
details...
Between 23rd February and 1st Marchh February 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- DataStage on Cloud Pak for Data - version 5.3.0
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.6.1, versions 12.0.1.0 to 12.0.12.22
- IBM Automation Decision Services - versions 25.0.0, 24.0.0 and 24.0.1
- IBM Business Automation Insights - versions 25.0.0, 24.0.1 and 24.0.0
- IBM CICS TX Advanced - version 10.1
- IBM CICS TX Standard - version 11.1
- IBM Cognos Command Center - versions 10.2.5 to 10.2.5 FP1 IF2, versions 10.2.4.1 to 10.2.4.1 IF19
- IBM DevOps Solutions Workbench - versions 5.0.0.0 and 5.1.0.0
- IBM License Metric Tool - versions 9.2.0 to 9.2.41
- IBM Maximo Application Suite - IoT Component – multiple versions
- IBM Security Verify Governance - version ISVG 10.0.2
- IBM Security Verify Governance, Identity Manager - Software component – version ISVG 10.0.2
- IBM Security Verify Governance, Identity Manager - Virtual Appliance component - version ISVG 10.0.2
- IBM Sterling Secure Proxy - multiple version
- IBM TXSeries for Multiplatforms - multiple versions
- IBM Terracotta - versions 11.1 to 11.1.0.10
- IBM Tivoli Netcool/OMNIbus_GUI - versions 8.1.0 to 8.1.0.39
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.3.0
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 5.0.0 to 5.3
- ICP - Discovery - versions 5.0.0 to 5.3.0
- MongoDB Enterprise Advanced with IBM (Ops Manager) - versions 7.0.0 to 7.0.17, versions 8.0.0 to 8.0.12
- QRadar - versions 7.5.0 to 7.5.0 UP14 IF04
- Total Storage Service Console (TSSC) / TS4500 IMC - multiple version
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 444 | Dell Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.002]
details...
Between 23rd February and 1st March 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerStore T Security - versions prior to 4.3.1.0-2662695
- Dell AMD-based PowerEdge Server - multiple versions and models
- Dell PowerEdge - multiple versions and models
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 445 | Ubuntu Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.003]
details...
Between 23rd February and 1st March 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates | Ubuntu |
| 446 | Red Hat Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.004]
details...
Between 23rd February and 1st March 2026, Red Hat published security advisories addressing vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 447 | HPE Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.005]
details...
On 27th February 2026, HPE published a security advisory to address vulnerabilities in HPE AutoPass License Server (APLS) - versions prior to 9.19.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 448 | VMware Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.006]
details...
On 27th February 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu Greenplum - versions prior to 7.7.1
- VMware Tanzu Greenplum - versions prior to 6.32.1
- VMware Tanzu Greenplum Upgrade - versions prior to 1.10.3
- VMware Tanzu Greenplum Backup and Restore - versions prior to 1.32.4
- VMware Tanzu RabbitMQ on Kubernetes - multiple versions
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 449 | Android security advisory - March 2026 Monthly Rollup. [Published Date: 2026-03-02]
[Id:2026.03.02.007]
details...
On 2nd March 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 450 | Veeam Security Advisory. [Published Date: 2026-03-02]
[Id:2026.03.02.008]
details...
On 2nd March 2026, Veeam published security advisories to address vulnerabilities in the following products:
- Veeam Kasten for Kubernetes - multiple versions
- Kasten K10 by Veeam - multiple versions
Review the following advisories and apply the necessary updates:
| Veeam |
| 451 | Microsoft Edge Security Advisory. [Published Date: 2026-02-27]
[Id:2026.02.27.001]
details...
On 26th February 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 145.0.3800.82.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates.
| Microsoft |
| 452 | FreeBSD Security Advisory. [Published Date: 2026-02-27]
[Id:2026.02.27.002]
details...
On 24th February 2026, FreeBSD published security advisories to address vulnerabilities in the following products:
- FreeBSD - version 14.3
- FreeBSD - version 13.5
Review the following advisories and apply the necessary updates:
| Others |
| 453 | ServiceNow Security Advisory. [Published Date: 2026-02-26]
[Id:2026.02.26.001]
details...
On 25th January 2026, ServiceNow published security advisories to address vulnerabilities in multiple versions of the following products:
- ServiceNow Australia - versions prior to Australia
- ServiceNow Xanadu - versions prior to Xanadu Patch 11 Hot Fix 1a
- ServiceNow Yokohama - versions prior to Yokohama Patch 12 and Patch 10 Hot Fix 1b
- ServiceNow Zurich - versions prior to Zurich Patch 5 and Patch 4 Hot Fix 3b
Review the following advisories and apply the necessary updates:
| ServiceNow |
| 454 | Drupal Security Advisory. [Published Date: 2026-02-26]
[Id:2026.02.26.002]
details...
On 25th February 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Material Icons - versions prior to 2.0.4
- Theme Negotiation by Rules - versions prior to 1.2.1
- Tagify - versions prior to 1.2.49
- Anti-Spam by CleanTalk - versions prior to 9.7.0
- CAPTCHA - versions prior to 1.17.0, version 2.0.0 to versions prior to 2.0.10
- Islandora - versions prior to 2.17.5
- Drupal Canvas - versions prior to 1.1.1
- SAML SSO - Service Provider - versions prior to 3.1.3
- Responsive Favicons - versions prior to 2.0.2
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 455 | n8n Security Advisory. [Published Date: 2026-02-26]
[Id:2026.02.26.003]
details...
On 25th February 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (Merge Node) - multiple versions
- n8n (Expression Sandbox) - multiple versions
- n8n (Task Runner Sandbox) - multiple versions
- n8n (Form Node) - multiple versions
- n8n (Form Trigger/Chat Trigger/Send & Wait/Webhook/Chat Nodes) - multiple versions
Review the following n8n Security Advisory and apply the necessary updates:
| n8n |
| 456 | Zyxel Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.001]
details...
On 24th February 2026, Zyxel published security advisories to address vulnerabilities in the following products:
- 4G LTE/5G NR CPE - multiple models and versions
- DSL/Ethernet CPE - multiple models and versions
- Fiber ONTs - multiple models and versions
- Security Routers - multiple models and versions
- Wireless Extenders - multiple models and versions
Review the following advisories and apply the necessary updates:
| Zyxel |
| 457 | Trend Micro Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.002]
details...
On 24th February 2026, Trend Micro published security advisories to address vulnerabilities in the following products:
- Apex One (on-premise) - versions prior to 2019 (on-prem)
- Apex One as a service - SaaS
- Trend Vision One Endpoint - Standard Endpoint Protection – Saas
Review the following advisories and apply the necessary updates:
| Trendmicro |
| 458 | AMD Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.003]
details...
On 24th February 2026, AMD published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- AMD Athlon and AMD Ryzen Processors - multiple models and versions
- AMD Ryzen Embedded Processors - multiple models and versions
- AMD EPYC and AMD EPYC Embedded Series Processors - multiple models and versions
Review the following advisories and apply the necessary updates:
| AMD |
| 459 | GitLab Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.004]
details...
On 25th February 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.9.1, 18.8.5 and 18.7.5
- GitLab Enterprise Edition (EE) - versions prior to 18.9.1, 18.8.5 and 18.7.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 460 | JetBrains Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.005]
details...
On 25th February 2026, JetBrains published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- JetBrains TeamCity - versions prior to 2025.11.3
- JetBrains YouTrack - versions prior to 2025.3.121962
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 461 | Juniper Networks Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.006]
details...
On 25th February 2026, Juniper Networks published security advisories to address vulnerabilities in Juniper Secure Analytics (JSA) 7.5.0 - versions prior to 7.5.0 UP14 IF01.
Review the following Juniper Security Advisory and apply the necessary updates:
| juniper |
| 462 | VMware Security Advisory. [Published Date: 2026-02-25]
[Id:2026.02.25.007]
details...
Between 24th and 25th February 2026, VMware released a security advisory addressing multiple vulnerabilities in VMware Tanzu - multiple versions and platforms.
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 463 | VMware Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.005]
details...
On 24th February 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Cloud Foundation - versions prior to 9.0.2.0
- VMware vSphere Foundation - versions prior to 9.0.2.0
- VMware Aria Operations - versions prior to 8.18.6
Review the following advisories and apply the necessary updates:
| Vmware |
| 464 | HPE Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.006]
details...
On 24th February 2026, HPE published a security advisory to address vulnerabilities in HPE ProLiant AMD DL/XL Servers - multiple versions and models.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 465 | SolarWinds Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.007]
details...
On 24th February 2026, SolarWinds published a security advisory to address vulnerabilities in SolarWinds Serv-U - versions prior to 15.5.4.
Review the following SolarWinds Security Advisory and apply the necessary updates.
| Solarwinds |
| 466 | Cisco Security Advisory - Update 1. [Published Date: 2026-02-24]
[Id:2026.02.24.008]
details...
On 24th February 2024, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Catalyst SD-WAN Controller - multiple versions
- Cisco Catalyst SD-WAN Manager - multiple versions
- Cisco Nexus 3600 and 9500-R Switching Platform - multiple versions
- Cisco Nexus 9000 Series Fabric Switches - multiple versions
- Cisco UCS Software (UCS Manager Mode) - versions prior to 4.3(6e)
- Cisco UCS Software (Intersight Managed Mode) - versions prior to 4.3(6.260003)
Cisco has indicated that CVE-2026-20127 has been exploited.
Update 1
On 25th February, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20127 to its Known Exploited Vulnerabilities (KEV) Database.
Review the provided web links, perform the suggested recommendations, and apply the necessary updates when available:
| Cisco |
| 467 | VMware Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.009]
details...
On 24th February 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu for Postgres - versions prior to 18.2.0, 17.8.0, 16.12.0, 15.16.0 and 14.21.0
- VMware Tanzu for Postgres on Kubernetes - versions prior to 4.3.2
Review the following advisories and apply the necessary updates:
| Vmware |
| 468 | Docker Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.001]
details...
On 23rd February 2026, Docker published security updates to address a vulnerability in Docker Desktop - versions prior to 4.62.0.
Review the Docker security bulletins and apply the required updates. | Docker |
| 469 | Google Chrome Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.002]
details...
On 23rd February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.116/117 (Windows/Mac) and 144.0.7559.116 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 470 | Mozilla Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.003]
details...
On 24th February 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox ESR - versions prior to 140.8
- Firefox ESR - versions prior to 115.33
- Firefox - versions prior to 148
Review the following advisories and apply the necessary updates:
| Mozilla |
| 471 | SonicWall Security Advisory. [Published Date: 2026-02-24]
[Id:2026.02.24.004]
details...
On 24th February 2026, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Gen7 hardware Firewalls - version 7.0.1-5169 and prior
- Gen7 virtual Firewalls (NSv) - version 7.3.1-7013 and prior
- Gen8 Firewalls - version 8.1.0-8017 and prior
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 472 | IBM Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.001]
details...
Between 16th and 22nd February 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Aspera Enterprise WebApps - version 1.0.0
- IBM Cloud Pak System - multiple versions
- IBM Storage Defender - Resiliency Service - versions 2.0.0 to 2.1.0
- IBM SPSS Analytic Server - versions 3.5, 3.4, 4.0.0.0 and 3.6
- IBM OS Image for Red Hat Linux Systems - versions 5.0.1.0, 4.0.7.0 and 4.0.5.0
- IBM Tivoli Monitoring - versions 6.3.0.7 to 6.3.0.7 Service Pack 22
- IBM Watson Machine Learning Accelerator on Cloud Pak for Data - versions 5.0.0 to 5.0.2
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 2.3.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 473 | Red Hat Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.002]
details...
Between 16th and 22nd February 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 474 | Ubuntu Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.003]
details...
Between 16th and 22nd February 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 475 | Microsoft Edge Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.004]
details...
On 20th February 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 145.0.3800.70.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 476 | Dell Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.005]
details...
Between 16th and 22nd February 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerEdge NVIDIA DOCA-Host - versions prior to 3.2.1-044000
- Dell PowerEdge Server - Multiple models and versions
- Dell PowerMax EEM - versions prior to 10.3.0.1
- Dell PowerProtect Data Manager - versions prior to 19.22.0-24
- Dell Repository Manager - versions prior to 3.4.8
- Dell Unisphere for PowerMax - versions prior to 10.3.0.1
- Dell Networking OS10 - versions prior to 10.5.6.12
- Dell Networking OS10 - versions prior to 10.5.5.17
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 477 | HPE Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.006]
details...
On 20th February 2026, HPE published a security advisory to address vulnerabilities in HPE SimpliVity 380 Gen11 - versions prior to SimpliVity Support Pack (SVTSP) Gen11 v2025_1001.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 478 | Apache Security Advisory. [Published Date: 2026-02-23]
[Id:2026.02.23.007]
details...
On 18th February 2026, Apache published a security advisory to address vulnerabilities in the following products:
- Apache Tomcat - versions 11.0.15
- Apache Tomcat - versions 10.1.50
- Apache Tomcat - versions 9.0.113
- Apache Tomcat Native- versions 2.0.12
- Apache Tomcat Native - versions 1.3.5
- Apache Tomcat - versions 11.0.18
- Apache Tomcat - versions 10.1.52
- Apache Tomcat 9.0.115
Review the following advisories and apply the necessary updates:
| Apache |
| 479 | Google Chrome Security Advisory. [Published Date: 2026-02-19]
[Id:2026.02.19.001]
details...
On 18th February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.109/110 (Windows/Mac) and 144.0.7559.109 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 480 | GitHub Security Advisory. [Published Date: 2026-02-19]
[Id:2026.02.19.002]
details...
On 10th February 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.2
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.5
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.11
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.14
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.18
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.23
Review the following advisories and apply the necessary updates:
| Github |
| 481 | Splunk Security Advisory. [Published Date: 2026-02-19]
[Id:2026.02.19.003]
details...
On 18th February 2026, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - multiple versions
- Splunk Cloud Platform - multiple versions
- Splunk Universal Forwarder - multiple versions
- Splunk DB Connect - versions prior to 4.2.0
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 482 | IceWarp Security Advisory. [Published Date: 2026-02-19]
[Id:2026.02.19.004]
details...
On 19th February 2026, IceWarp published security advisories to address vulnerabilities in the following products:
- IceWarp Epos Update 2 - versions prior to 14.2.0.12
- IceWarp Epos Update 1 - versions prior to 14.1.0.20
- IceWarp Epos (1st generation) - versions prior to 14.0.0.18
- Deep Castle and older versions - versions prior to 13.0.3.13
Review the following advisories and apply the necessary updates:
| IceWarp |
| 483 | Tenable Security Advisory. [Published Date: 2026-02-19]
[Id:2026.02.19.005]
details...
On 18th February 2026, Tenable released security updates to address vulnerabilities affecting the Tenable Security Center - version 6.7.2 w/ Patch SC-202602.1 and Patch SC-202602.2 and prior.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 484 | HPE Security Advisory [Published Date: 2026-02-19]
[Id:2026.02.19.006]
details...
On 19th February 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Service Activator - versions prior to 10.5.0
- HPE SimpliVity 380 servers - versions prior to SimpliVity Support Pack (SVTSP) Gen10 and Gen11
- HPE Telco Service Orchestrator - versions prior to v5.5.0
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 485 | HPE Security Advisory [Published Date: 2026-02-18]
[Id:2026.02.18.001]
details...
On 17th February 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Aruba Networking ClearPass Policy Manager 6.12.x - version 6.12.7 and prior
- HPE Aruba Networking ClearPass Policy Manager 6.11.x - version 6.11.13 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 486 | Atlassian Security Advisory. [Published Date: 2026-02-18]
[Id:2026.02.18.002]
details...
On 17th February 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 487 | Jenkins Security Advisory. [Published Date: 2026-02-18]
[Id:2026.02.18.003]
details...
On 18th February 2026, Jenkins published a security advisory to address vulnerabilities in the following products:
- Jenkins weekly - version 2.550 and prior
- Jenkins LTS - versions 2.541.1 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 488 | Microsoft Edge Security Advisory. [Published Date: 2026-02-18]
[Id:2026.02.18.004]
details...
On 14th February 2026, Microsoft published a security update to address vulnerabilities in the Edge Stable Channel - versions prior to 144.0.3719.115.
Review the Microsoft Edge Stable Channel Release Notes and apply the necessary updates. | Microsoft |
| 489 | Dell Security Advisory - Update 1. [Published Date: 2026-02-18]
[Id:2026.02.18.005]
details...
On 17th February, 2026, Dell published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following:
- RecoverPoint for Virtual Machines - versions prior to 5.3 SP4 P1
- RecoverPoint for Virtual Machines - versions 6.0, 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2, 6.0 SP2, 6.0 SP2 P1, 6.0 SP3 and 6.0 SP3 P1
Open-source reporting indicates that CVE-2026-22769 is being exploited in the wild.
Update 1
On 18th February, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-22769 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
| Dell |
| 490 | F5 Security Advisory. [Published Date: 2026-02-18]
[Id:2026.02.18.006]
details...
On 18th February 2026, F5 published a security update to address vulnerabilities in the BIG-IP AFM and DDoS Hybrid Defender 17.x - version 17.5.1.4.
Review the F5 Security Advisory and apply the necessary updates. | F5 |
| 491 | Dell Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.001]
details...
Between 9th and 15th February 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Gen4T - multiple versions
- Dell Avamar Data Store Gen5A - multiple versions
- Dell Avamar Network Data Management Protocol (NDMP) Accelerator - multiple versions
- Dell Avamar VMware Image Backup Proxy - multiple versions
- Dell Avamar Virtual Edition - multiple versions
- Dell EMC XC Core XC7525 - versions prior to 2.21.1
- Dell Networker Virtual Edition (NVE) - multiple versions
- Dell PowerEdge - multiple versions and models
- Dell PowerProtect DP Series Appliance (IDPA) - versions prior to 2.7.9
- Dell Private Cloud Red Hat - versions prior to 01.02.00.00
- Dell Private Cloud -VMware - versions prior to 01.03.00.00
- Dell Update Package (DUP) Framework - versions 23.12.00 to 24.12.00
- Dell XC Core - multiple versions and models
- NetWorker - versions 19.9 to 19.13.0.2
- iDRAC Service Module for Linux - versions prior to 5.4.1.1
- iDRAC Service Module for Windows - versions prior to 5.4.1.1
- iDRAC Service Module for Windows - versions prior to 6.0.3.1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 492 | Ubuntu Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.002]
details...
Between 9th and 15th February 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 493 | Red Hat Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.003]
details...
Between 9th and 15th February 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 494 | Mozilla Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.004]
details...
On 16th February 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Thunderbird - versions prior to 147.0.2 and 140.7.2
- Firefox - versions prior to 147.0.4
- Firefox ESR - versions prior to 115.32.1
- Firefox ESR - versions prior to 140.7.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 495 | Tenable Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.005]
details...
On 17th February 2026, Tenable released security updates to address vulnerabilities affecting the Tenable Security Center - version 6.7.2 and prior.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 496 | IBM Security Advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.006]
details...
Between 9th and 15th February 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Business Automation Workflow - versions 24.0.1.0 and 25.0.0.0
- IBM Business Automation Workflow Enterprise Service Bus - versions V24.0.0 to V24.0.1
- IBM Business Automation Workflow traditional - versions V25.0.0 to V25.0.1
- IBM Concert Software - versions 1.0.0 to 2.1.0
- IBM Financial Transaction Manager for ACH and Check Services - versions 3.0.0.0 to 3.0.5.4 iFix 27
- IBM Financial Transaction Manager for RehHat OpenShift - multiple versions
- IBM Operational Decision Manager - multiple versions
- IBM Sterling External Authentication Server - versions 6.1.0.0 to 6.1.0.3
- IBM Sterling Secure Proxy - versions 6.1.0.0 to 6.1.0.2, versions 6.2.0.0 to 6.2.0.2
- IBM webMethods Adapter 10.3 for Cmis - multiple versions
- IBM webMethods Adapter 10.5 for Alfresco - multiple versions
- IBM webMethods Adapter 10.5 for Documentum - multiple versions
- IBM webMethods Adapter 8.2 for Salesforce - multiple versions
- IBM webMethods Adapter 9.8 for HDFS - multiple versions
- IBM webMethods Integration (on prem) - versions 11.1 to IS_11.1_Core_Fix8
- Transaction Processing Facility - version 1.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 497 | Roundcube security advisory. [Published Date: 2026-02-17]
[Id:2026.02.17.007]
details...
On 1st June 2025, Roundcube published security advisories to address vulnerabilities in the following products:
- Webmail - versions prior to 1.5.10
- Webmail - versions prior to 1.6.11
Update 1
On 20th February 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-49113 to their Known Exploited Vulnerabilities (KEV) Database.
Review the following advisories and apply the necessary updates:
| Roundcube |
| 498 | Google Chrome Security Advisory. [Published Date: 2026-02-16]
[Id:2026.02.16.001]
details...
On 13th February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.75/76 (Windows/Mac) and 144.0.7559.75 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 499 | SolarWinds security advisory - Update 2. [Published Date: 2026-02-13]
[Id:2026.02.13.001]
details...
On 28th January 2026, SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SolarWinds Web Help Desk - versions prior to 2026.1
- SolarWinds Web Help Desk - version 12.8.8 HF1 and prior
Update 1
On 3rd February 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-40551 to its Known Exploited Vulnerabilities (KEV) Database.
Update 2
On 12th February 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-40536 to its Known Exploited Vulnerabilities (KEV) Database.
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 500 | PostgreSQL Security Advisory. [Published Date: 2026-02-13]
[Id:2026.02.13.002]
details...
On 12th February 2026, PostgreSQL published security advisories to address vulnerabilities in the following products:
- PostgreSQL - 14.x versions prior to 14.21
- PostgreSQL - 15.x versions prior to 15.16
- PostgreSQL - 16.x versions prior to 16.12
- PostgreSQL - 17.x versions prior to 17.8
- PostgreSQL - 18.x versions prior to 18.2
Review the following PostgreSQL Security Advisory and apply the necessary updates.
| Postgresql |
| 501 | BeyondTrust Security Advisory - Update 1. [Published Date: 2026-02-13]
[Id:2026.02.13.003]
details...
On 6th February 2026, BeyondTrust published security updates to address vulnerabilities in the following products:
- Remote Support - version 25.3.1 and prior
- Privileged Remote Access - version 24.3.4 and prior
Update 1
Open-source reporting indicates that CVE-2026-1731 vulnerability is being exploited.
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 502 | Google Chrome Security Advisory. [Published Date: 2026-02-13]
[Id:2026.02.13.004]
details...
On 12th February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.68 (Windows/Mac) and 144.0.7559.67 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 503 | HPE Security Advisory [Published Date: 2026-02-13]
[Id:2026.02.13.005]
details...
On 12th February 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE SimpliVity 380 Gen11 - versions prior to SimpliVity Support Pack Gen11 (SVTSPGen11) 2026_0116
- HPE SimpliVity 380 Gen10 Plus - versions prior to SimpliVity Support Pack Gen10 (SVTSPGen10) 2026_0116
Review the following HPE Security Advisory and apply the necessary updates:
- HPESBHF04937 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01280, 2025.3 IPU, Intel Chipset Firmware Advisory, Multiple Vulnerabilities
- PESBHF04938 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01313, 2025.3 IPU, Intel Xeon Processor Firmware Advisory, Multiple Vulnerabilities
- HPESBHF04939 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01312, Intel TDX Module Advisory, Multiple Vulnerabilities
- HPE Security Bulletin Library
| HPE |
| 504 | Juniper Networks Security Advisory. [Published Date: 2026-02-13]
[Id:2026.02.13.006]
details...
On 12th February 2026, Juniper Networks published security advisories to address vulnerabilities in Juniper Secure Analytics (JSA) 7.5.0 - versions prior to 7.5.0 UP14 IF01.
Review the following Juniper Security Advisory and apply the necessary updates:
| juniper |
| 505 | Tenable Security Advisory. [Published Date: 2026-02-13]
[Id:2026.02.13.007]
details...
On 12th February 2026, Tenable published a security advisory to address vulnerabilities in the following products:
- Nessus Agent - versions 11.1.0 to 11.1.1
- Nessus Agent - versions 11.0.3 and prior
Review the following advisories and apply the necessary updates:
| Tenable |
| 506 | React Security Advisory. [Published Date: 2026-02-12]
[Id:2026.02.12.001]
details...
On 11th February 2026, React published a security advisory to address vulnerabilities in next-mdx-remote - versions 4.3.0 to 5.0.0
Review the React Security Advisory and apply the necessary updates. | React |
| 507 | AMD Security Advisory. [Published Date: 2026-02-12]
[Id:2026.02.12.002]
details...
On 10th February 2026, AMD published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- AMD Athlon and AMD Ryzen Processors - multiple models and versions
- AMD Graphic Drivers - multiple models and versions
- AMD µProf performance analysis tool-suite - versions prior to 5.2.431
- AMD Vivado Design Suite installation - versions prior to 2025.2
- AMD Documentation Navigator installation - tool being retired
- AMD EPYC and AMD EPYC Embedded Series Processors - multiple models and version
Review the provided AMD Security Advisory and apply the necessary updates. | AMD |
| 508 | GitLab Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.001]
details...
On 10th February 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.8.4, 18.7.4 and 18.6.6
- GitLab Enterprise Edition (EE) - versions prior to 18.8.4, 18.7.4 and 18.6.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 509 | Adobe Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.002]
details...
On 10th February 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe After Effects - version 25.6 and prior
- Adobe Audition - version 25.3 and prior
- Adobe InDesign - version ID21.1 and prior
- Adobe InDesign - version ID20.5.1 and prior
- Adobe Bridge - version 15.1.3 (LTS) and prior
- Adobe Bridge - version 16.0.1 and prior
- Adobe Substance 3D Modeler - version 1.22.5 and prior
- Adobe Substance 3D Stager - version 3.1.6 and prior
- Adobe Substance 3D Designer - version 15.1.0 and prior
- Adobe Lightroom Classic - version 15.1 and prior
- Adobe DNG Software Development Kit (SDK) - version 1.7.1 build 2410 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 510 | Google Chrome Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.003]
details...
On 10 th February 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 145.0.7632.45/46 (Windows/Mac) and 145.0.7632.45 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 511 | HPE Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.004]
details...
On 10 th February 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE ProLiant compute DL/ML/XD - multiple models and versions
- HPE ProLiant DL/ML/XL - multiple models and versions
- HPE Synergy 480 Gen12 Compute Module - multiple versions
- HPE Synergy 480 Gen11 Compute Module - multiple versions
- HPE Alletra Storage Server 4210 - multiple versions
- HPE Alletra 4110, 4120 and 4140 - multiple versions
- HPE Compute Edge Server e930t - multiple versions
- HPE Intel E810 Series Ethernet Controllers prior to v30.3 - firmware versions prior to v4.90
- HPE Aruba Networking EdgeConnect SD-WAN Orchestrator - multiple versions
- HPE StoreEasy - multiple models and versions
Review the HPE Security Bulletin Library and apply the necessary updates. | HPE |
| 512 | Palo Alto Networks Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.005]
details...
On 11th February 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- PAN-OS 12.1 - versions prior to 12.1.4
- PAN-OS 11.2 - versions prior to 11.2.8
- PAN-OS 11.2 - versions prior to 11.2.10
- PAN-OS 11.1 - versions prior to 11.1.11
- PAN-OS 10.2 - versions prior to 10.2.17
- Prisma Access - versions prior to 11.2.7-h10 on PAN-OS
- Prisma Access - versions prior to 10.2.10-h28 on PAN-OS
- Prisma Browser - versions prior to 144.27.7.133
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 513 | Commvault Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.006]
details...
On 11th February 2026, Commvault published security advisories to address vulnerabilities in the following products:
- Commvault Windows - versions 11.32.0 to 11.32.128
- Commvault Windows - versions 11.36.0 to 11.36.89
- Commvault Windows - versions 11.40.0 to 11.40.136
Review the following advisories and apply the necessary updates:
| Commvault |
| 514 | Drupal Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.007]
details...
On 11th February 2026, Drupal published security advisories to address vulnerabilities in the following products:
- QuickEdit - versions prior to 1.0.5 and versions 2.0.0 to versions prior to 2.0.1
- UI Icons - versions prior to 1.0.1 and version 1.1.0 to versions prior to 1.1.1
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 515 | Apple Security Advisory. [Published Date: 2026-02-11]
[Id:2026.02.11.008]
details...
On 11th February 2026, Apple published security updates to address vulnerabilities in the following products:
- OS - versions prior to 26.3
- iPadOS - versions prior to 26.3
- iOS - versions prior to 18.7.5
- iPadOS - versions prior to 18.7.5
- macOS Tahoe - versions prior to 26.3
- macOS Sequoia - versions prior to 15.7.4
- macOS Sonoma - versions prior to 14.8.4
- tvOS - versions prior to 26.3
- watchOS - versions prior to 26.3
- visionOS - versions prior to 26.3
Review the provided Apple Security Advisory and apply the necessary updates.
| Apple |
| 516 | SAP security advisory - February 2026 monthly rollup. [Published Date: 2026-02-10]
[Id:2026.02.10.001]
details...
On 10 th February 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP CRM and SAP S/4HANA (Scripting Editor) - versions S4FND 102, 103, 104, 105, 106, 107, 108, 109, SAP_ABA 700, WEBCUIF 700, 701, 730, 731, 746, 747, 748, 800 and 801
- SAP NetWeaver Application Server ABAP and ABAP Platform - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18 and 9.19
- SAP NetWeaver AS ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753,
- SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 804, SAP_BASIS 916, SAP_BASIS 917 and SAP_BASIS 918
- SAP Supply Chain Management - versions SCMAPO 713, 714, SCM 700, 701, 702 and 712
- SAP Solution Tools Plug-In (ST-PI) - versions ST-PI 2008_1_700, 2008_1_710, 740 and 758
- SAP BusinessObjects BI Platform - versions ENTERPRISE 430, 2025 and 2027
- SAP Commerce Cloud - versions HY_COM 2205, COM_CLOUD 2211 and COM_CLOUD 2211-JDK21
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
Review the provided web links, perform the suggested mitigations, and apply the necessary updates.
| SAP |
| 517 | Rapid7 Security Advisory. [Published Date: 2026-02-10]
[Id:2026.02.10.002]
details...
| Rapid7 |
| 518 | HPE Security Advisory. [Published Date: 2026-02-10]
[Id:2026.02.10.003]
details...
On 10th February 2026, HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Private 5G Core - versions 1.24.3.0, 1.24.3.1, 1.24.3.2, and 1.24.3.3.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 519 | Microsoft Security Advisory - February 2026 monthly rollup. [Published Date: 2026-02-10]
[Id:2026.02.10.004]
details...
On 10th February 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- .NET 10.0
- .NET 8.0
- .NET 9.0
- Azure AI Language Authoring
- Azure ARC
- Azure DevOps Server 2022
- Azure Front Door
- Azure Functions
- Azure HDInsight
- Azure IoT Explorer
- Azure Local
- GitHub Copilot Plugin for JetBrains IDEs
- Microsoft 365
- Microsoft ACI Confidential Containers
- Microsoft Defender for Endpoint for Linux
- Microsoft Excel 2016
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
- Microsoft Exchange Server Subscription Edition RTM
- Microsoft Office 2019
- Microsoft Office LTSC
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Outlook 2016
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft Visual Studio 2022
- Microsoft Word 2016
- Office Online Server
- Power BI Report Server
- Visual Studio Code
- Windows 10
- Windows 11
- Windows App for Mac
- Windows Notepad
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 520 | Intel Security Advisory. [Published Date: 2026-02-10]
[Id:2026.02.10.005]
details...
On 10th February 2026, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 521 | Ivanti Security Advisory. [Published Date: 2026-02-10]
[Id:2026.02.10.006]
details...
On 9th February 2026, Ivanti published a security advisory to address a vulnerability in Ivanti Endpoint Manager (EPM) - version 2024 SU4 SR1 and prior.
Review the following advisories and apply the necessary updates:
| Ivanti |
| 522 | Fortinet Security Advisory. [Published Date: 2026-02-10]
[Id:2026.02.10.007]
details...
On 10th February 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiAuthenticator 6.6 - versions 6.6.0 to 6.6.6
- FortiAuthenticator 6.5 - all versions
- FortiAuthenticator 6.4 - all versions
- FortiAuthenticator 6.3 - all versions
- FortiClientWindows 7.4 - versions 7.4.0 to 7.4.4
- FortiClientWindows 7.2 - versions 7.2.0 to 7.2.12
- FortiClientWindows 7.0 - all versions
- FortiOS 7.6 - versions 7.6.0 to 7.6.4
- FortiOS 7.4 - versions 7.4.0 to 7.4.10
- FortiOS 7.2 - all versions
- FortiOS 7.0 - all versions
- FortiOS 6.4 - all versions
- FortiSandbox 5.0 - version 5.0 to 5.1
- FortiSandbox 4.4 - version 4.4.0 to 4.4.7
- FortiSandbox 4.2 - all versions
- FortiSandbox 4.0 - all versions
Review the Fortinet Security Advisories and apply the necessary updates. | Fortinet |
| 523 | Fortinet Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.001]
details...
On 6th February 2026, Fortinet published security advisories to address vulnerabilities in FortiClientEMS 7.4 - version 7.4.4.
Review the following advisories and apply the necessary updates:
| Fortinet |
| 524 | BeyondTrust Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.002]
details...
On 6th February 2026, BeyondTrust published security updates to address vulnerabilities in the following products:
- Remote Support - version 25.3.1 and prior
- Privileged Remote Access - version 24.3.4 and prior
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 525 | Red Hat Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.003]
details...
Between 2nd and 8th February 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 526 | Ubuntu Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.004]
details...
Between 2nd and 8th February 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 527 | IBM Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.005]
details...
Between 2nd and 8th February 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM webMethods Integration - versions 10.15 to 10.15 Fix 13
- IBM webMethods Integration - versions 11.1 to 11.1 Fix 1
- IBM webMethods Integration (on prem) - versions 10.11, 10.15 and 11.1
- IBM InfoSphere Information Server - versions 11.7.0.0 to 11.7.1.6
- IBM Watson Discovery Cartridge - versions 5.0.0 to 5.2.2
- IBM API Connect V12 (on prem) - version 12.1.0.0
- IBM OpenPages for Cloud Pak for Data - multiple versions
- IBM OpenPages Cloud Pak for Data Service - multiple versions
- IBM Common Cryptographic Architecture (CCA) 7 MTM for 4769 - version 7.5.52
- IBM Common Cryptographic Architecture (CCA) 8 MTM for 47770 - version 8.4.82
- IBM Common Cryptographic Architecture (CCA) 4769 Developers Toolkit - version 7.5.52
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 528 | VMware Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.006]
details...
Between 2nd and 8th February 2026, VMware published security advisories to address vulnerabilities in the following products:
- Foundation Core for VMware Tanzu Platform - versions prior to 3.1.7
- Foundation Core for VMware Tanzu Platform - versions prior to 3.2.3
- Isolation Segmentation for VMware Tanzu Platform - versions prior to 10.2.7+LTS-T
- Isolation Segmentation for VMware Tanzu Platform - versions prior to 10.3.4
- NodeJS Buildpack - versions prior to 1.8.74
- Platform Automation Toolkit - versions prior to 5.4.0
- Tanzu Kubernetes Grid Integrated Edition (TKGi) CLI & Tile - versions prior to 1.24.0
- Telemetry for VMware Tanzu Platform - versions prior to 2.4.0
- VMware Harbor Registry - versions prior to 2.14.0
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 529 | GitLab Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.007]
details...
On 6th February 2026, GitLab published a security advisory to address vulnerabilities in GitLab Duo Self-Hosted AI Gateway - versions prior to 18.8.1, 18.7.1, and 18.6.2.
Review the following advisories and apply the necessary updates:
| Gitlab |
| 530 | Dell Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.008]
details...
Between 2nd and 8th February 2026, Dell published security advisories to address vulnerabilities in Dell SmartFabric Manager - versions prior to 2.0.0.
Review the following advisories and apply the necessary updates:
| Dell |
| 531 | JetBrains Security Advisory. [Published Date: 2026-02-09]
[Id:2026.02.09.009]
details...
On 9th February 2026, JetBrains published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- JetBrains Hub - versions prior to 2025.3.119807
- JetBrains PyCharm - versions prior to 2025.3.2
- JetBrains YouTrack - versions prior to 2025.3.119033
Review the JetBrains - Fixed security issues and apply the necessary updates. | Jetbrains |
| 532 | Microsoft Edge Security Advisory. [Published Date: 2026-02-06]
[Id:2026.02.06.001]
details...
| Microsoft |
| 533 | Tenable Security Advisory. [Published Date: 2026-02-06]
[Id:2026.02.06.002]
details...
On 5th February 2026, Tenable published a security advisory to address vulnerabilities in the following products:
- Nessus - version 10.10.1 and prior
- Nessus - versions 10.11.0 to 10.11.1
Review the following advisories and apply the necessary updates:
| Tenable |
| 534 | GitLab Security Advisory. [Published Date: 2026-02-05]
[Id:2026.02.05.001]
details...
On 4th February 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.8.3, 18.7.3 and 18.6.5
- GitLab Enterprise Edition (EE) - versions prior to 18.8.3, 18.7.3 and 18.6.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 535 | TeamViewer Security Advisory. [Published Date: 2026-02-05]
[Id:2026.02.05.002]
details...
On 5th February 2026, TeamViewer published security updates to address vulnerabilities in the following products:
- TeamViewer Full Client (Windows) - versions prior to 15.74.5
- TeamViewer Full Client (macOS) - versions prior to 15.74.5
- TeamViewer Full Client (Linux) - versions prior to 15.74.5
- TeamViewer Host (Windows) - versions prior to 15.74.5
- TeamViewer Host (macOS) - versions prior to 15.74.5
- TeamViewer Host (Linux) - versions prior to 15.74.5
Review the following TeamViewer Security Advisory and apply the necessary updates:
| Teamviewer |
| 536 | n8n Security Advisory. [Published Date: 2026-02-05]
[Id:2026.02.05.003]
details...
On 4th February 2026, n8n published security updates to address vulnerabilities in the following products:
- n8n (Merge Node) - versions prior to 1.118.0 and versions prior to 2.4.0
- n8n (Git Node) - versions prior to 1.123.10 and versions prior to 2.5.0
- n8n (SSH Node) - versions prior to 1.123.12 and versions prior to 2.4.0
- n8n (Workflow UI) - versions prior to 1.23.9 and versions prior to 2.2.1
- n8n - versions prior to 1.123.17 and versions prior to 2.5.2
Review the following n8n Security Advisory and apply the necessary updates:
| n8n |
| 537 | Zyxel Security Advisory. [Published Date: 2026-02-05]
[Id:2026.02.05.004]
details...
On 5th February 2026, Zyxel published security advisories to address vulnerabilities in the following products:
- ATP - versions ZLD V5.35 to V5.41
- USG FLEX - versions ZLD V5.35 to V5.41
- USG FLEX 50(W)/ USG20(W)-VPN - versions ZLD V5.35 to V5.41
Review the following advisories and apply the necessary updates:
| Zyxel |
| 538 | Django security advisory. [Published Date: 2026-02-04]
[Id:2026.02.04.001]
details...
On 4th February 2026, Django published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Django 4.2 - versions prior to 4.2.28
- Django 5.2 - versions prior to 5.2.11
- Django 6.0 - versions prior to 6.0.2
Review the Django Security Advisory and apply the necessary updates. | Django |
| 539 | Google Chrome Security Advisory. [Published Date: 2026-02-04]
[Id:2026.02.04.002]
details...
On 27th January 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 144.0.7559.132/.133 (Windows/Mac) and 144.0.7559.132 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 540 | Android security advisory - February 2026 Monthly Rollup. [Published Date: 2026-02-04]
[Id:2026.02.04.003]
details...
On 2nd February 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 541 | Qualcomm Security Advisory - February 2026 monthly rollup. [Published Date: 2026-02-04]
[Id:2026.02.04.004]
details...
On 2nd February 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin - February and apply the necessary updates. | Qualcomm |
| 542 | F5 Security Advisory. [Published Date: 2026-02-04]
[Id:2026.02.04.005]
details...
On 4th February 2026, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- APM Clients - versions 7.2.5 to 7.2.6.1
- BIG-IP (all modules) - multiple versions
- BIG-IP APM - multiple versions
- BIG-IP Advanced WAF/ASM - versions 17.1.0 to 17.1.2
- BIG-IP Container Ingress Services for Kubernetes and OpenShift - versions 2.0.0 to 2.20.1, versions 1.0.0 to 1.14.0
- NGINX Gateway Fabric - versions 2.0.0 to 2.4.0, versions 1.2.0 to 1.6.2
- NGINX Ingress Controller - multiple versions
- NGINX Instance Manager - versions 2.15.1 to 2.21.0
- NGINX Open Source - versions 1.3.0 to 1.29.4
- NGINX Plus - versions R32 to R36 P1
Review the Quarterly Security Notification (February 2026) and apply the necessary updates. | F5 |
| 543 | Cisco Security Advisory. [Published Date: 2026-02-04]
[Id:2026.02.04.006]
details...
On 4th February 2024, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco AsyncOS for Cisco Secure Web Appliance - versions prior to 15.2.5-011
- Cisco Evolved Programmable Network Manager (EPNM) - versions prior to 8.1.1
- Cisco Meeting Management Release - versions prior to 3.12.1 MR
- Cisco Prime Infrastructure - versions prior to 3.10.6 Security Update 2
- Cisco TelePresence CE Software in Cloud-Aware Operation - versions prior to RoomOS October 2025 Release
- Cisco TelePresence CE Software in Cloud-Aware Operation - versions prior to RoomOS December 2025 Release
- Cisco RoomOS Software in Cloud-Aware Operation - versions prior to RoomOS October 2025 Release
- Cisco RoomOS Software in Cloud-Aware Operation - versions prior to RoomOS December 2025 Release
- Cisco TelePresence CE Software in On-Premises Operation - versions prior to 11.27.5.0 and 11.32.3.0
- Cisco RoomOS Software in On-Premises Operation - versions prior to 11.27.5.0 and 11.32.3.0
Review the Cisco Security Advisories and apply the necessary updates. | Cisco |
| 544 | Splunk Security Advisory. [Published Date: 2026-02-04]
[Id:2026.02.04.007]
details...
On 4th February 2026, Splunk released security updates to address multiple vulnerabilities in Splunk SOAR - versions prior to 7.1.0.
Review the following advisories and apply the necessary updates:
| Splunk |
| 545 | Samsung Mobile Security Advisory. [Published Date: 2026-02-03]
[Id:2026.02.03.001]
details...
On 3rd February 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-FEB-2026.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 546 | Kubernetes Security Advisory. [Published Date: 2026-02-03]
[Id:2026.02.03.002]
details...
On 2nd February 2026, Kubernetes published security advisories to address vulnerabilities in the following products:
- Kubernetes ingress-nginx - versions prior to v1.13.7
- Kubernetes ingress-nginx - versions prior to v1.14.3
Review the Kubernetes Security Advisory - Multiple issues in ingress-nginx and apply the necessary updates. | Kubernetes |
| 547 | SolarWinds security advisory - Update 1 [Published Date: 2026-02-03]
[Id:2026.02.03.003]
details...
On 28th January 2026, SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SolarWinds Web Help Desk - versions prior to 2026.1
- SolarWinds Web Help Desk - version 12.8.8 HF1 and prior
Update 1
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 548 | Tenable Security Advisory. [Published Date: 2026-02-03]
[Id:2026.02.03.004]
details...
On 3rd February 2026, Tenable released security updates to address vulnerabilities affecting the Tenable Identity Exposure - versions 3.77.15 and prior.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 549 | IBM Security Advisory. [Published Date: 2026-02-02]
[Id:2026.02.02.001]
details...
Between 226th January and 1st February 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- API Connect - versions V10.0.8.0 to 10.0.8.5
- IBM Cloud Pak System - multiple versions
- IBM Cloud Pak for Business Automation - versions V24.0.0 to V24.0.0-IF007
- IBM Cloud Pak for Business Automation - versions V24.0.1 to V24.0.1-IF005
- IBM Cloud Pak for Business Automation - versions V25.0.0 to V25.0.0-IF002
- IBM DB2 Data Management Console - multiple versions
- IBM Db2 Big SQL on Cloud Pak for Data - version IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8
- IBM Db2 Big SQL on Cloud Pak for Data - version IBM Db2 Big SQL 7.7 on Cloud Pak for Data 5.0
- IBM Db2 Big SQL on Cloud Pak for Data - version IBM Db2 Big SQL 7.8.0 on Cloud Pak for Data 5.1.0
- IBM Maximo Application Suite - versions 8.10, 8.11, 9.0 and 9.1
- IBM OS Image for Red Hat Linux Systems - versions 4.0.4.0, 4.0.5.0, 4.0.6.0 and 4.0.7.0
- IBM OS Image for Red Hat Linux Systems - versions 5.0.0.0 and 5.0.1.0
- IBM Observability with Instana (OnPrem) - versions Build 1.0.283 to 1.0.309
- Maximo AI Service - version 9.1.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 550 | Dell Security Advisory. [Published Date: 2026-02-02]
[Id:2026.02.02.002]
details...
Between 26th January and 1st February 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.04.03.00
- Dell CloudBoost Virtual Appliance - versions prior to 19.14.0.0
- Dell EMC Networking VEP1425/VEP1445/VEP1485 - versions prior to 2.6
- Dell NetWorker - versions 19.8 to 19.13.0.2
- Dell Networking VEP4600 - versions prior to 4.3
- Dell OpenManage Network Integration - versions prior to 3.9
- Dell PowerSwitch E3200-ON Series - versions prior to 3.57.5.1-5
- Dell PowerSwitch N2200-ON Series - versions prior to 3.45.5.1-31
- Dell PowerSwitch N3200-ON Series - versions prior to 3.45.5.1-31
- Dell PowerSwitch S5448F-ON - versions prior to 3.52.5.1-12
- Dell PowerSwitch Z9264F-ON - versions prior to 3.42.5.1-21
- Dell PowerSwitch Z9432F-ON - versions prior to 3.51.5.1-21
- Dell PowerSwitch Z9664F-ON - versions prior to 3.54.5.1-9
- Dell SD-WAN EDGE610/610-LTE - versions prior to 3.43.0.9-24
- Dell SD-WAN EDGE620/640/680 - versions prior to 3.50.0.9-21
- Dell Unity Operating Environment (OE) - versions prior to 5.5.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 551 | VMware Security Advisory. [Published Date: 2026-02-02]
[Id:2026.02.02.003]
details...
Between 26th January and 1st February 2026, VMware published security advisories to address vulnerabilities in the following products:
- Platform Services for VMware Tanzu Platform - versions prior to 10.3.4
- Python Buildpack - versions prior to 1.8.71 and 1.8.75
- Ruby Buildpack - versions prior to 1.10.53
- Service Publisher for VMware Tanzu Platform - versions prior to 10.3.4
- Stemcells (Ubuntu Jammy FIPS) - versions prior to 1.1016.x
- Stemcells (Ubuntu Noble) - versions prior to 1.188.x
- Stemcells (Windows) - versions prior to 2019.94.x
- Tanzu Hub - versions prior to 10.3.4
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 552 | Ubuntu Security Advisory. [Published Date: 2026-02-02]
[Id:2026.02.02.004]
details...
Between 26th January and 1st February 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 553 | BeyondTrust Security Advisory. [Published Date: 2026-02-02]
[Id:2026.02.02.005]
details...
On 2nd February 2026, BeyondTrust published a security update to address vulnerabilities in Privilege Management for Windows - versions prior to 25.8.
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 554 | Ivanti Security Advisory. [Published Date: 2026-01-30]
[Id:2026.01.30.001]
details...
On 30th January 2026, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- EPMM version 12.5.1.0 and prior
- EPMM version 12.6.1.0 and prior
- EPMM version 12.5.0.0 and prior
- EPMM version 12.6.0.0 and prior
- EPMM version 12.7.0.0 and prior
Review the Iveanti Security Updates and apply the necessary updates. | Ivanti |
| 555 | WatchGuard Security Advisory. [Published Date: 2026-01-30]
[Id:2026.01.30.002]
details...
On 29th January 2026, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS - versions prior to 2026.1
- Fireware OS - versions prior to 12.11.7
- Fireware OS - versions prior to 12.5.16
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 556 | Microsoft Edge Security Advisory. [Published Date: 2026-01-30]
[Id:2026.01.30.003]
details...
| Microsoft |
| 557 | HPE Security Advisory. [Published Date: 2026-01-28]
[Id:2026.01.28.001]
details...
On 27th January 2026, HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Fabric Composer - versions 7.x.x: versions 7.2.3 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 558 | Google Chrome Security Advisory. [Published Date: 2026-01-28]
[Id:2026.01.28.002]
details...
On 27th January 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 144.0.7559.109/.110 (Windows/Mac) and 144.0.7559.109 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 559 | SolarWinds Security Advisory. [Published Date: 2026-01-28]
[Id:2026.01.28.003]
details...
On 28th January 2026, SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SolarWinds Web Help Desk - versions prior to 2026.1
- SolarWinds Web Help Desk - version 12.8.8 HF1 and prior
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 560 | Tenable Security Advisory. [Published Date: 2026-01-28]
[Id:2026.01.28.004]
details...
On 27th January 2026, Tenable released security updates to address vulnerabilities affecting the Tenable Network Monitor - versions prior to 6.5.3.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 561 | Drupal Security Advisory. [Published Date: 2026-01-28]
[Id:2026.01.28.005]
details...
On 14th January 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Drupal Canvas - versions prior to 1.0.4
- Central Authentication System (CAS) Server - versions prior to 2.0.3, version 2.1.0 to versions prior to 2.1.2
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 562 | GNU security advisory - Update 1 [Published Date: 2026-01-27]
[Id:2026.01.27.001]
details...
On 21st January 2026, GNU published security advisories to address vulnerabilities in GNU InetUtils - versions 1.9.3 to 2.7.
Update 1
On 27th January, 2026, GNU published an out-of-band security advisory to address an important vulnerability CVE-2026-24061.
Open-source reporting indicates that an exploit for CVE-2026-24061 exists in the wild.
Review the following provided web links and apply the necessary updates.
| GNU |
| 563 | OpenSSL Security Advisory. [Published Date: 2026-01-27]
[Id:2026.01.27.002]
details...
On 27th January 2026, OpenSSL published security advisories to address vulnerabilities in the following products:
- OpenSSL - versions 3.6.0 to versions prior to 3.6.1
- OpenSSL - versions 3.5.0 to versions prior to 3.5.5
- OpenSSL - versions 3.4.0 to versions prior to 3.4.4
- OpenSSL - versions 3.3.0 to versions prior to 3.3.6
- OpenSSL - versions 3.0.0 to versions prior to 3.0.19
Review the following advisories and apply the necessary updates:
| OpenSSL |
| 564 | Fortinet Security Advisory. [Published Date: 2026-01-27]
[Id:2026.01.27.003]
details...
On 27th January 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiAnalyzer 7.6 - versions 7.6.0 to 7.6.5
- FortiAnalyzer 7.4 - versions 7.4.0 to 7.4.9
- FortiAnalyzer 7.2 - versions 7.2.0 to 7.2.11
- FortiAnalyzer 7.0 - versions 7.0.0 to 7.0.15
- FortiManager 7.6 - versions 7.6.0 to 7.6.5
- FortiManager 7.4 - versions 7.4.0 to 7.4.9
- FortiManager 7.2 - versions 7.2.0 to 7.2.11
- FortiManager 7.0 - versions 7.0.0 to 7.0.15
- FortiOS 7.6 - versions 7.6.0 to 7.6.5
- FortiOS 7.4 - versions 7.4.0 to 7.4.10
- FortiOS 7.2 - versions 7.2.0 to 7.2.12
- FortiOS 7.0 - versions 7.0.0 to 7.0.18
- FortiProxy 7.6 - versions 7.6.0 to 7.6.4
- FortiProxy 7.4 - versions 7.4.0 to 7.4.12
- FortiProxy 7.2 - all versions
- FortiProxy 7.0 - all versions
Review the following advisories and apply the necessary updates:
| Fortinet |
| 565 | Citrix Security Advisory. [Published Date: 2026-01-27]
[Id:2026.01.27.004]
details...
On 27th January 2026, Citrix published a security Advisory to address a vulnerability in XenServer - version 8.4.
Review the following advisories and apply the necessary updates:
| Citrix |
| 566 | IBM Security Advisory. [Published Date: 2026-01-26]
[Id:2026.01.26.001]
details...
Between 19th and 25th January 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Big SQL on IBM Cloud Pak for Data - multiple versions
- IBM Concert Software - versions 1.0.0 to 2.1.0
- IBM DataStax Hyper-Convergence Database - version 1.2.3
- IBM Guardium Data Security Center - version 3.8.5
- IBM Watsonx Orchastrate with watsonx Assistant Chartridge UAB Component - versions 5.1.0 to 5.2.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 567 | HPE Security Advisory. [Published Date: 2026-01-26]
[Id:2026.01.26.002]
details...
On 23rd January 2026, HPE published a security advisory to address vulnerabilities in HPE Telco Universal SLA Management - version 4.6 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 568 | Red Hat Security Advisory. [Published Date: 2026-01-26]
[Id:2026.01.26.003]
details...
Between 19th and 25th January 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 569 | VMware Security Advisory. [Published Date: 2026-01-26]
[Id:2026.01.26.004]
details...
Between 19th and 25th January 2026, VMware published security advisories to address vulnerabilities in the following products:
- AI Services for VMware Tanzu Platform - versions prior to 10.3.3
- Elastic Application Runtime for VMware Tanzu Platform - versions prior to 6.0.24+LTS-T
- Elastic Application Runtime for VMware Tanzu Platform - versions prior to 10.3.4
- Elastic Application Runtime for VMware Tanzu Platform - versions prior to 10.2.7+LTS-T
- Extended App Support for Tanzu Platform - versions prior to 1.0.12
- PHP Buildpack - versions prior to 4.6.62
- VMware Tanzu Cloud Native Buildpack - versions prior to 0.6.3
- VMware Tanzu Greenplum Backup and Restore - versions prior to 1.32.30
- VMware Tanzu .NET Core Buildpack - versions prior to 2.4.73, 2.4.76 and 2.4.77
- VMware Tanzu NodeJS Buildpack - versions prior to 1.8.73
Review the Security Advisories - Tanzu and apply the necessary updates. | Broadcom |
| 570 | Microsoft Edge Security Advisory. [Published Date: 2026-01-26]
[Id:2026.01.26.005]
details...
| Microsoft |
| 571 | Oracle Security Advisory - January 2026 Quarterly Rollup - Update 1. [Published Date: 2026-01-23]
[Id:2026.01.23.001]
details...
On 20th January 2026, Oracle published a security advisory to address vulnerabilities in multiple products.
Update 1
On 21st January 2026, a proof of concept (PoC) for the vulnerability CVE-2026-21962 became publicly available.
CVE-2026-21962 is a vulnerability in the Oracle HTTP Server and Oracle WebLogic Server Proxy Plug-in products of Oracle Fusion Middleware that may allow a remote attacker to obtain unauthorized access.
Review Oracle Critical Patch Update Advisory - January 2026 and apply the necessary updates. | Oracle |
| 572 | Microsoft security advisory - January 2026 monthly rollup - Update 1. [Published Date: 2026-01-23]
[Id:2026.01.23.002]
details...
On 13th January 2026, Microsoft published security advisories to address vulnerabilities in multiple products.
Update 1
On 26th January, 2026, Microsoft published an out-of-band security advisory to address an important vulnerability CVE-2026-21509.
Microsoft has received reports that CVE-2026-20805 and CVE-2026-21509 are being exploited.
Review the following provided web links and apply the necessary updates.
| Microsoft |
| 573 | ISC BIND Security Advisory. [Published Date: 2026-01-22]
[Id:2026.01.22.001]
details...
On 21st January 2026, ISC published security advisories to address vulnerabilities in the following products:
- ISC BIND 9 - versions 9.18.40 to 9.18.43
- ISC BIND 9 - versions 9.20.13 to 9.20.17
- ISC BIND 9 - versions 9.21.12 to 9.21.16
- BIND Supported Preview Edition - versions 9.18.40-S1 to 9.18.43-S1
- BIND Supported Preview Edition - versions 9.20.13-S1 to 9.20.17-S1
Review the following advisories and apply the necessary updates:
| ISC |
| 574 | Oracle Security Advisory - January 2026. [Published Date: 2026-01-21]
[Id:2026.01.21.001]
details...
| Oracle |
| 575 | Google Chrome Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.002]
details...
On 20th January 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 144.0.7559.96/.97 (Windows/Mac) and 144.0.7559.96 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 576 | GitLab Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.003]
details...
On 21st January 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.8.2, 18.7.2 and 18.6.4
- GitLab Enterprise Edition (EE) - versions prior to 18.8.2, 18.7.2 and 18.6.4
Review the following advisories and apply the necessary updates:
| Gitlab |
| 577 | Atlassian Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.004]
details...
On 20th January 2026, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - versions 7.1.0 to 7.1.2, versions 6.3.0 to 6.3.3
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 578 | HPE Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.005]
details...
On 20th January 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Alletra 6000 - versions prior to 6.1.2.800, version 6.1.3 versions prior to 6.1.3.300
- HPE Nimble Storage Hybrid Flash Arrays - versions prior to 6.1.2.800, version 6.1.3 versions prior to 6.1.3.300
- Nimble Storage All Flash Arrays - versions prior to 6.1.2.800, version 6.1.3, versions prior to 6.1.3.300
- HPE Alletra 5000 - versions prior to 6.1.2.800, version 6.1.3 versions prior to 6.1.3.300
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 579 | GNU Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.006]
details...
On 20th January 2026, GNU published a security advisory to address a vulnerability in GNU InetUtils - versions 1.9.3 to 2.
Review the following provided web link and apply the necessary updates when available.
| GNU |
| 580 | Cisco Security Advisory. [Published Date: 2026-01-21]
[Id:2026.01.21.007]
details...
On 21st January 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Unified CM - versions prior to 12.5, 14 and 15
- Unified CM IM&P - versions prior to 12.5, 14 and 15
- Unified CM SME - versions prior to 12.5, 14 and 15
- Webex Calling Dedicated Instance - versions prior to 12.5, 14 and 15
- Cisco Unity Connection Release - versions prior to 12.5, 14 and 15
Review the following advisories and apply the necessary updates:
| Cisco |
| 581 | Juniper Networks Security Advisory. [Published Date: 2026-01-20]
[Id:2026.01.20.001]
details...
On 14th January 2026, Juniper Networks published a security advisory to address a critical vulnerability in the following products:
- Juniper Networks Policy Enforcer - versions prior to 24.1R3
- Juniper Networks Paragon Automation - versions prior to 24.1.1
- Junos OS Evolved - multiple versions
- Junos OS on EX4000 - versions prior to 24.4R2
- Junos OS on EX4000 - versions prior to 25.2R1-S2 and 25.2R2
- Junos OS on MX Series - multiple versions
- Junos OS on QFX5k Series - multiple versions
- Junos OS on SRX Series - multiple versions
- Junos OS on EX Series - multiple versions
- Junos OS - multiple versions
- Junos Space - versions prior to 24.1R5
Review Juniper Networks Security Advisories and apply the necessary updates. | juniper |
| 582 | IBM Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.001]
details...
Between 12th and 18th January 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Concert Software - versions 1.0.0 to 2.1.0
- IBM Datacap Navigator - versions 9.1.7, 9.1.8 and 9.1.9
- IBM Datacap - versions 9.1.7, 9.1.8 and 9.1.9
- IBM Library Support for Struts - version 2.5.37
- IBM Operations Analytics - Log Analysis - versions 1.3.7.0, 1.3.7.1 and 1.3.7.2
- IBM Robotic Process Automation for Cloud Pak - versions 23.0.0 to 23.0.20.4, versions 30.0.0 to 30.0.0.2
- IBM Robotic Process Automation - versions 23.0.0 to 23.0.20.4, versions 30.0.0 to 30.0.0.2
- IBM Security Verify Access Container - versions 10.0 to 10.0.9
- IBM Sterling External Authentication Server - versions 6.1.1.0 to 6.1.1.1
- IBM Terracotta - versions 11.1.0.0 to 11.1.0.10
- IBM Verify Identity Access Container - versions 11.0 to 11.0.1
- IBM Verify Identity Access - versions 10.0 to 10.0.9
- IBM Verify Identity Access - versions 11.0 to 11.0.1
- IBM i Access Family - versions 1.1.9.8 to 1.1.9.10
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 583 | Dell Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.002]
details...
Between 12th and 18th January 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Elastic Cloud Storage (ECS) - versions 3.8.1.0 to 3.8.1.7
- Dell ObjectScale - versions prior to 4.2.0.0
- Dell PowerScale OneFS - multiple versions
Review the following advisories and apply the necessary updates:
| Dell |
| 584 | Ubuntu Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.003]
details...
Between 12th and 18th January 2026, Ubuntu published a security notice to address vulnerabilities in Ubuntu 20.04 LTS.
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 585 | Microsoft Edge Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.004]
details...
| Microsoft |
| 586 | VMware Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.005]
details...
Between 12th and 18th January 2026, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire - versions prior to 10.1.6
- VMware Tanzu GemFire - versions prior to 10.2.1
Review the following advisories and apply the necessary updates:
| Vmware |
| 587 | GitHub Security Advisory. [Published Date: 2026-01-19]
[Id:2026.01.19.006]
details...
On 16th January 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.8.1
- GitLab Enterprise Edition (EE) - versions prior to 18.8.1
Review the following advisories and apply the necessary updates:
| Github |
| 588 | Google Chrome Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.001]
details...
On 13th January 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 144.0.7559.59/60 (Windows/Mac) and 144.0.7559.59 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 589 | Adobe Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.002]
details...
On 13th January 2026, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Dreamweaver - version 21.6 and prior
- Adobe InDesign - version ID21.0 and prior
- Adobe InDesign - version ID19.5.5 and prior
- Illustrator 2025/2026 - version 29.8.3 and prior
- Illustrator 2025/2026 - version 30.0 and prior
- Adobe InCopy - version 21.0 and prior
- Adobe InCopy - version 19.5.5 and prior
- Adobe Bridge - version 15.1.2 (LTS) and prior
- Adobe Bridge - version 16.0 and prior
- Adobe Substance 3D Modeler - version 1.22.4 and prior
- Adobe Substance 3D Stager - version 3.1.5 and prior
- Adobe Substance 3D Painter - version 11.0.3 and prior
- Adobe Substance 3D Sampler - version 5.1.0 and prior
- ColdFusion 2025/2023 - version Update 5 and prior
- ColdFusion 2025/2023 - version Update 17 and prior
- Adobe Substance 3D Designer - version 15.0.3 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 590 | Mozilla Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.003]
details...
On 13th January 2026, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox ESR - versions prior to 140.7
- Firefox ESR - versions prior to 115.32
- Firefox - versions prior to 147
Review the following advisories and apply the necessary updates:
| Mozilla |
| 591 | Drupal Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.004]
details...
On 14th January 2026, Drupal published security advisories to address vulnerabilities in the following products:
- Group invite - versions prior to 2.3.9, version 3.0.0 to versions prior to 3.0.4, version 4.0.0 to versions prior to 4.0.4
- Role Delegation - version 1.3.0 to versions prior to 1.5.0
- AT Internet SmartTag - versions prior to 1.0.1
- AT Internet Piano Analytics - versions prior to 1.0.1, version 2.0.0 to versions prior to 2.3.1
- Microsoft Entra ID SSO Login - versions prior to 1.0.4
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 592 | Red Hat Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.005]
details...
Between 5th and 11th January 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 593 | Palo Alto Networks Security Advisory. [Published Date: 2026-01-14]
[Id:2026.01.14.006]
details...
On 14th January 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:
- Prisma Browser - versions prior to 142.21.4.163
- PAN-OS 12.1 - versions prior to 12.1.3-h3
- PAN-OS 12.1 - versions prior to 12.1.4
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
- PAN-OS 10.1 - versions prior to 10.1.14-h20
- Prisma Access 11.2 - versions prior to 11.2.7-h8
- Prisma Access 10.2 - versions prior to 10.2.10-h29
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 594 | ServiceNow Security Advisory. [Published Date: 2026-01-13]
[Id:2026.01.13.001]
details...
On 12th January 2026, ServiceNow published security advisories to address vulnerabilities in multiple versions of the following products:
- Now Assist AI Agents (sn_aia) - versions prior to 5.1.18
- Now Assist AI Agents (sn_aia) - versions prior to 5.2.19
- Virtual Agent API (sn_va_as_service) - versions prior to 3.15.2
- Virtual Agent API (sn_va_as_service) - versions prior to 4.0.4
Review the following advisories and apply the necessary updates:
| ServiceNow |
| 595 | SAP security advisory - January 2026 monthly rollup. [Published Date: 2026-01-13]
[Id:2026.01.13.002]
details...
On 13th January 2026, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Business Server Pages Application (Product Designer Web UI) - versions SAP_APPL 618, S4CORE 102, 103, 104, 105, 106, 107, 108, 109, EA-APPL 600, 602, 603, 604, 605, 606 and 617
- NW AS Java UME User Mapping - versions ENGINEAPI 7.50, SERVERCORE 7.50 and UMEADMIN 7.50
- SAP Application Server for ABAP and SAP NetWeaver RFCSDK - versions KRNL64UC 7.53, NWRFCSDK 7.50, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 and 9.16
- SAP Business Connector - version SAP BC 4.8
- SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) - versions SAP_APPL 618, S4CORE 102, 103, 104, 105, 106, 107, 108, 109, EA-APPL 605, 606 and 617
- SAP Fiori App (Intercompany Balance Reconciliation) - versions UIAPFI70 500, 600, 700, 800, 900, 901, 902 and UIS4H 109
- SAP Fiori App (Intercompany Balance Reconciliation) - versions UIAPFI70 500, 600, 700, 800, 900, 901, 902, S4CORE 102, 103, 104, 105, 106, 107 and 108
- SAP Fiori App (Intercompany Balance Reconciliation) - versions UIAPFI70 500, 600, 700, 800, 900, 901, 902, S4CORE 102, 103, 104, 105, 106, 107, 108, 109 and UIS4H 109
- SAP HANA database - version HDB 2.00
- SAP Identity Management - versions IDM_CLM_REST_API 8.0 and IDMIC 8.0
- SAP Landscape Transformation - versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752 and 2020
- SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP NetWeaver Enterprise Portal - version EP-RUNTIME 7.50
- SAP S/4HANA (Private Cloud and On-Premise) - versions S4CORE 102, 103, 104, 105, 106, 107, 108 and 109
- SAP S/4HANA Private Cloud and On-Premise (Financials - General Ledger) - versions S4CORE 102, 103, 104, 105, 106, 107, 108 and 109
- SAP Supplier Relationship Management (SICF Handler in SRM Catalog) - versions SRM_SERVER 700, 701, 702, 713 and 714
- SAP Wily Introscope Enterprise Manager (WorkStation) - version WILY_INTRO_ENTERPRISE 10.8
Review the SAP Security Patch Day - January 2026 and apply the necessary updates. | SAP |
| 596 | Fortinet Security Advisory. [Published Date: 2026-01-13]
[Id:2026.01.13.003]
details...
On 13th January 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiFone 7.0 - versions 7.0.0 to 7.0.1
- FortiFone 3.0 - versions 3.0.13 to 3.0.23
- FortiOS 7.6 - versions 7.6.0 to 7.6.3
- FortiOS 7.4 - versions 7.4.0 to 7.4.8
- FortiOS 7.2 - versions 7.2.0 to 7.2.11
- FortiOS 7.0 - versions 7.0.0 to 7.0.17
- FortiOS 6.4 - versions 6.4.0 to 6.4.16
- FortiSASE 25.2 - version 25.2.b
- FortiSASE 25.1.a - version 25.1.a.2
- FortiSIEM 7.4 - version 7.4.0
- FortiSIEM 7.3 - versions 7.3.0 to 7.3.4
- FortiSIEM 7.2 - versions 7.2.0 to 7.2.6
- FortiSIEM 7.1 - versions 7.1.0 to 7.1.8
- FortiSIEM 7.0 - versions 7.0.0 to 7.0.4
- FortiSIEM 6.7 - versions 6.7.0 to 6.7.10
- FortiSwitchManager 7.2 - versions 7.2.0 to 7.2.6
- FortiSwitchManager 7.0 - versions 7.0.0 to 7.0.5
Review the following advisories and apply the necessary updates:
| Fortinet |
| 597 | Microsoft Security Advisory - January 2026 monthly rollup. [Published Date: 2026-01-13]
[Id:2026.01.13.004]
details...
On 13th January 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Azure Connected Machine Agent
- Azure Core shared client library for Python
- Microsoft 365 Apps for Enterprise
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office Deployment Tool
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Word 2016
- Office Online Server
- Windows 10
- Windows 11
- Windows Admin Center in Azure Portal
- Windows SDK
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 598 | HPE Security Advisory. [Published Date: 2026-01-13]
[Id:2026.01.13.005]
details...
On 13th January 2026, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Networking Instant - versions 3.3.1.0 and prior
- HPE Aruba Networking AOS-8 and AOS-10 for Mobility Conductors, Controllers, and Gateways - multiple versions and platforms
- HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux - versions 4.7.5 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 599 | IBM Security Advisory. [Published Date: 2026-01-12]
[Id:2026.01.12.001]
details...
Between 5th and 11th January 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Cloud Pak for Business Automation - versions V24.0.1 to V24.0.1-IF005
- IBM Cloud Pak for Business Automation - versions V25.0.0 to V25.0.0-IF002
- IBM Concert Software - versions 1.0.0 to 2.1.0
- IBM Maximo Application Suite - Monitor Component - versions 9.1, 9.0, 8.11 and 8.10
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 5.0.0 to 5.2.2
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 600 | Dell Security Advisory. [Published Date: 2026-01-12]
[Id:2026.01.12.002]
details...
Between 5th and 11th January 2026, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerStore T Security Family OS - versions prior to 4.1.0.4-2633110
- Dell Client Platform - multiple applications and versions
- Dell VxRail Appliance - versions 8.0.000 to 8.0.361
Review the following advisories and apply the necessary updates:
| Dell |
| 601 | Ubuntu Security Advisory. [Published Date: 2026-01-12]
[Id:2026.01.12.003]
details...
Between 5th and 11th January 2026, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 602 | Microsoft Edge Security Advisory. [Published Date: 2026-01-12]
[Id:2026.01.12.004]
details...
| Microsoft |
| 603 | VMware Security Advisory. [Published Date: 2026-01-12]
[Id:2026.01.12.005]
details...
Between 5th and 11th January 2026, VMware released a security advisory addressing multiple vulnerabilities in VMware Tanzu Greenplum Backup and Restore - versions prior to 1.32.2.
Review the following advisories and apply the necessary updates:
| Vmware |
| 604 | Critical Vulnerability in n8n (CVE-2026-21858) affects Hosts in Bangladesh. [Published Date: 2026-01-11]
[Id:2026.01.11.001]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 605 | GitHub Security Advisory. [Published Date: 2026-01-08]
[Id:2026.01.08.001]
details...
On 7th January 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.7.1, 18.6.3 and 18.5.5
- GitLab Enterprise Edition (EE) - versions prior to 18.7.1, 18.6.3 and 18.5.5
Review the following advisories and apply the necessary updates:
| Github |
| 606 | Tenable Security Advisory. [Published Date: 2026-01-08]
[Id:2026.01.08.002]
details...
On 7th January 2026, Tenable published a security advisory to address vulnerabilities in the following products:
- Tenable Nessus - versions prior to 10.9.3
- Tenable Nessus - versions 11.0.0 to 11.0.2
Review the following advisories and apply the necessary updates:
| Tenable |
| 607 | Trend Micro Security Advisory. [Published Date: 2026-01-08]
[Id:2026.01.08.003]
details...
On 7th January 2026, Trend Micro published security advisories to address vulnerabilities in Apex Central (on-premises) - versions prior to Build 7190.
Review the following Trend Micro Security Advisory and apply the necessary updates.
| Trendmicro |
| 608 | Google Chrome Security Advisory. [Published Date: 2026-01-07]
[Id:2026.01.07.001]
details...
On 6th January 2026, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 143.0.7499.192/.193 (Windows/Mac) and 143.0.7499.192 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 609 | GitHub Security Advisory. [Published Date: 2026-01-07]
[Id:2026.01.07.002]
details...
On 6th January 2026, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.19.x prior to 3.19.1
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.4
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.10
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.13
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.17
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.22
Review the following advisories and apply the necessary updates:
| Github |
| 610 | n8n Security Advisory. [Published Date: 2026-01-07]
[Id:2026.01.07.003]
details...
On 6th January 2026, n8n released security updates to address multiple vulnerabilities in n8n - versions 0.123.0 to versions prior to 1.121.3.
Review the following advisories and apply the necessary updates:
| n8n |
| 611 | Android security advisory - January 2026 Monthly Rollup. [Published Date: 2026-01-07]
[Id:2026.01.07.004]
details...
On 6th January 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 612 | Qualcomm Security Advisory - January 2026 monthly rollup. [Published Date: 2026-01-07]
[Id:2026.01.07.005]
details...
On 6th January 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 613 | Samsung Mobile Security Advisory. [Published Date: 2026-01-07]
[Id:2026.01.07.006]
details...
On 6th January 2026, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-JAN-2026.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 614 | Veeam Security Advisory. [Published Date: 2026-01-07]
[Id:2026.01.07.007]
details...
On 6th January 2026, Veeam published security advisories to address vulnerabilities in Veeam Backup & Replication - versions prior to 13.0.1.1071.
Review the following advisories and apply the necessary updates:
| Veeam |
| 615 | IBM Security Advisory. [Published Date: 2026-01-05]
[Id:2026.01.05.001]
details...
Between December 28th, 2025, and 4th January 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM App Connect Enterprise Certified Containers Operands - versions 12.0 LTS: 12.0.12-r1 to 12.0.12-r18
- IBM App Connect Enterprise Certified Containers Operands - versions CD: 12.0.10.0-r3 to 12.0.12.5-r1, 13.0.1.0-r1 to 13.0.5.2-r1
- IBM App Connect Operator - versions 12.0 LTS: 12.0.0 to 12.0.18
- IBM App Connect Operator - versions CD: 11.1.0 to 11.6.0, 12.1.0 to 12.18.0
- IBM Event Processing - versions 1.0.0 to 1.4.4
- IBM Maximo Application Suite - Monitor Component - versions 9.1,9.0,8.11 and 8.10
- IBM Storage Ceph - multiple versions
- IBM watsonx Assistant Cartridge - versions 4.0 to 5.2.2
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component - versions 5.0 to 5.2.2
- Maximo AI Service - version 9.1
- 1.4.0.0 to 1.4.0.5_iFix001 on Solaris SPARC
- IBM Sterling Connect:Direct File Agent - versions 1.4.0. to 1.4.0.5 with bundles JRE on AIX, Linux X64, Linux PPC and Windows
- IBM StreamSets Data Collector - versions 5.0.0 to 6.4.1
- IBM Tivoli Application Dependency Discovery Manager - versions 7.3.0.0 to 7.3.0.11
- IBM Total Storage Service Console (TSSC) / TS4500 IMC - multiple versions
- IBM TXSeries for Mutiplatforms - versions 8.2, 9.1, 10.1 and 11.1
- IBM webMethods Managed File Transfer (on-prem) - version 11.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 616 | IBM Security Advisory. [Published Date: 2025-12-29]
[Id:2025.12.29.001]
details...
Between 22nd and 28th December 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM API Connect - versions 10.0.8.0 to 10.0.8.5 and V10.0.11.0
- IBM API Connect Enterprise - versions 13.0.1.0 to 13.0.5.2 and 12.0.1.0 to 12.0.12.20
- IBM Big SQL on IBM Cloud Pak for Data - multiple versions
- IBM Business Automation Insights - versions 25.0.0, 24.0.1 and 24.0.0
- IBM CICS TX Advanced - versions 10.1 and 11.1
- IBM CICS TX Standard - version 11.1
- IBM CICS Transaction Gateway Desktop Edition - versions 9.1, 9.2, 9.3 and 10.1
- IBM CICS Transaction Gateway for Multiplatforms - versions 9.1, 9.2, 9.3 and 10.1
- IBM Concert Software - version 1.0.0 to 2.1.0
- IBM DataPower Gateway 10.6CD - versions 10.6.1.0 to 10.6.5.0
- IBM Edge Data Collector - versions 9.1, 9.0 and 8.11
- IBM Maximo Application Suite - Monitor Component - versions 9.1, 9.0, 8.11 and 8.10
- IBM Maximo Application Suite - AI Service - version 9.1
- IBM Netezza Appliance - version 1.0.0.0
- IBM Sterling Connect:Direct File Agent - versions 1.4.0.0 to 1.4.0.5_iFix001 on Solaris SPARC
- IBM Sterling Connect:Direct File Agent - versions 1.4.0. to 1.4.0.5 with bundles JRE on AIX, Linux X64, Linux PPC and Windows
- IBM StreamSets Data Collector - versions 5.0.0 to 6.4.1
- IBM Tivoli Application Dependency Discovery Manager - versions 7.3.0.0 to 7.3.0.11
- IBM Total Storage Service Console (TSSC) / TS4500 IMC - multiple versions
- IBM TXSeries for Mutiplatforms - versions 8.2, 9.1, 10.1 and 11.1
- IBM webMethods Managed File Transfer (on-prem) - version 11.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 617 | VMware Security Advisory. [Published Date: 2025-12-29]
[Id:2025.12.29.002]
details...
Between 22nd and 28th December 2025, VMware published security advisories to address vulnerabilities in the following products:
- AI Services for VMware Tanzu Platform - versions prior to 10.3.2
- Application Services for VMware Tanzu Platform - versions prior to 3.3.13
- Elastic Application Runtime Windows add-on for VMware Tanzu Platform - versions prior to 10.2.6+LTS-T, 10.3.2 and 6.0.23+LTS-T
- Healthwatch - versions prior to 2.3.4
- Isolation Segmentation for VMware Tanzu Platform - versions prior to 10.2.6+LTS-T, 10.3.2 and 6.0.23+LTS-T
- Java Buildpack - versions prior to 4.86.0
- Stemcells (Windows) - versions prior to 2019.93.x
- Tanzu Hub - versions prior to 10.3.2
- VMware Tanzu for Postgres on Tanzu Platform - versions prior to 10.2.2
- VMware Tanzu GemFire on Tanzu Platform - versions prior to 2.2.1
- VMware Tanzu Greenplum - versions prior to 7.7.0
- VMware Tanzu Greenplum SQL Editor - versions prior to 1.2.1
- VMware Tanzu RabbitMQ on Tanzu Platform - versions prior to 10.1.1
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 618 | Dell Security Advisory. [Published Date: 2025-12-29]
[Id:2025.12.29.003]
details...
Between 22nd and 28th December 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Storage Resource Manager (SRM) - version prior to 6.0.0.1
- Dell Storage Monitoring and Reporting (SMR) - version prior to 6.0.0.1
Review the following advisories and apply the necessary updates:
| Dell |
| 619 | MongoDB Security Advisory. [Published Date: 2025-12-24]
[Id:2025.12.24.001]
details...
On 15th December 2025, MongoDB published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- MongoDB - versions 8.2.0 to 8.2.3
- MongoDB - versions 8.0.0 to 8.0.16
- MongoDB - versions 7.0.0 to 7.0.26
- MongoDB - versions 6.0.0 to 6.0.26
- MongoDB - versions 5.0.0 to 5.0.31
- MongoDB - versions 4.4.0 to 4.4.29
- MongoDB Server v4.2 - all versions
- MongoDB Server v4.0 - all versions
- MongoDB Server v3.6 - all versions
Review the MongoDB security bulletins and apply the necessary updates. | MongoDB |
| 620 | Ubuntu Security Advisory. [Published Date: 2025-12-23]
[Id:2025.12.23.001]
details...
Between 15th and 21st December 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 621 | Red Hat Security Advisory. [Published Date: 2025-12-23]
[Id:2025.12.23.002]
details...
Between 15th and 21st December 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 622 | VMware Security Advisory. [Published Date: 2025-12-23]
[Id:2025.12.23.003]
details...
Between 15th December and 21st December 2025, VMware published security advisories to address vulnerabilities in the following products:
- .NET Core Tanzu Buildpack - version prior to 2.4.71 and 2.4.72
- Cloud Native Buildpacks for VMware Tanzu Platform - versions prior to 0.6.1
- Elastic Application Runtime for VMware Tanzu Platform - versions prior to 10.2.6+LTS-T, 10.3.2 and 6.0.23+LTS-T
- Extended App Support for Tanzu Platform - version prior to 1.0.11
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 623 | TeamViewer Security Advisory. [Published Date: 2025-12-23]
[Id:2025.12.23.004]
details...
On 11th December 2025, TeamViewer published security updates to address vulnerabilities in the following products:
- TeamViewer DEX Client - NomadBranch.exe - versions prior to 1E Client 25.11.0.29
- TeamViewer DEX Client - NomadBranch.exe - versions prior to 1E Client 25.9.0.46 - HF-PLTPKG-524 (Hotfix)
- TeamViewer DEX Client - NomadBranch.exe - versions prior to 1E Client 25.5.0.53 - HF-PLTPKG-526 (Hotfix)
- TeamViewer DEX Client - NomadBranch.exe - versions prior to 1E Client 24.5.0.69 - HF-PLTPKG-525 (Hotfix)
- TeamViewer DEX - multiple versions
Review the following TeamViewer Security Advisory and apply the necessary updates:
| Teamviewer |
| 624 | IBM Security Advisory. [Published Date: 2025-12-22]
[Id:2025.12.22.001]
details...
Between 15th and 21st December 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM API Connect - version 10.0.8.0 to 10.0.8.5 and V10.0.11.0
- IBM CloudPak for AIOps - versions 4.1.0 to 4.11.1
- IBM Concert Software - version 1.0.0 to 2.1.0
- IBM DataPower Gateway - version 10.6.6.0
- IBM Data Virtualization on Cloud Pak for Data - versions 3.0, 3.1 and 3.2
- IBM Db2 on Cloud Pak for Data versions - versions v4.8, v5.0, v5.1, v5.2 and v5.3
- IBM Db2 Warehouse on Cloud Pak for Data - versions v4.8, v5.0, v5.1, v5.2 and v5.3
- IBM DS8A00 - multiple versions
- IBM Edge Data Collector - version 8.11
- IBM Fusion - versions 2.2.0 to 2.11.1
- IBM Fusion HCI - versions 2.2.0 to 2.11.1
- IBM Fusion HCI for watson - versions 2.2.0 to 2.11.1
- IBM Library Support for Spring - Spring-boot – versions 2.7.0 to 2.7.18
- IBM Library Support for Spring - Spring-framework – versions 5.3.0 to 5.3.39
- IBM Library Support for Struts - versions 1.1.1 to 1.1.3
- IBM MANTA Automated Data Lineage for IBM Cloud Pak for Data - version 4.5.0 to 5.3.0
- IBM QRadar Suite Software - versions 1.11.0.0 to 1.11.7.0
- IBM QRadar Suite Software - versions 4.1.15 to 5.0.2
- IBM Rhapsody Systems Engineering - multiple versions
- IBM Security QRadar Analyst Wrokflow for IBM QRadar SIEM - versions 2.32.0 to 3.0.0
- IBM Sterling Partner Engagement Manager - multiple versions
- IBM Watson Query on Cloud Pak for Data - version 2.2
- IBM Watson Speech Services Cartridge - versions 4.0.0 - 5.2.2
- IBM watsonx Code Assistant On Prem - version 5.1.1, 5.1.2, 5.1.3, 5.2, 5.2.1 and 5.2.2
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 - 1.15.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 625 | Dell Security Advisory. [Published Date: 2025-12-22]
[Id:2025.12.22.002]
details...
Between 15th and 21st December 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Metro node - version mn-114, mn-215 and mn-216
- Dell PowerEdge - multiple versions and models
- Dell PowerProtect Data Domain - multiple versions
- Dell RecoverPoint for Virtual Machines - Debian 12 - versions prior to 6.0 SP3 P1
- Dell RecoverPoint for Virtual Machines - SUSE Linux Enterprise 12 SP6 - versions prior to 6.0 SP3 P1
- Dell Storage Resource Manager (SRM) - version prior to 6.0.0.1
- Dell Storage Monitoring and Reporting (SMR) - version prior to 6.0.0.1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 626 | WatchGuard Security Advisory. [Published Date: 2025-12-19]
[Id:2025.12.19.001]
details...
On 18th December 2025, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS - versions prior to 2025.1.4
- Fireware OS - versions prior to 12.11.6
- Fireware OS - versions prior to 12.5.15
- Fireware OS - versions prior to 12.3.1_Update4 (FIPS) (B728352)
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 627 | Google Chrome Security Advisory. [Published Date: 2025-12-19]
[Id:2025.12.19.002]
details...
On 18th December 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 143.0.7499.169/.170 (Windows/Mac) and 143.0.7499.169 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 628 | Microsoft Edge Security Advisory. [Published Date: 2025-12-19]
[Id:2025.12.19.003]
details...
| Microsoft |
| 629 | Mozilla Security Advisory. [Published Date: 2025-12-18]
[Id:2025.12.18.001]
details...
On 18th December 2025, Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 146.0.1.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 630 | HPE Security Advisory. [Published Date: 2025-12-17]
[Id:2025.12.17.001]
details...
On 16th December 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE OneView - versions prior to v11.00
- HPE Telco Service Activator - version 10.3.2 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 631 | Tenable Security Advisory. [Published Date: 2025-12-17]
[Id:2025.12.17.002]
details...
On 15th December 2025, Tenable released security updates to address vulnerabilities affecting the enable Nessus - versions prior to 10.9.6 and 10.11.1.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 632 | Google Chrome Security Advisory. [Published Date: 2025-12-17]
[Id:2025.12.17.003]
details...
On 16th December 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 143.0.7499.146/.147 (Windows/Mac) and 143.0.7499.146 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 633 | SonicWall Security Advisory - Update 1. [Published Date: 2025-12-17]
[Id:2025.12.17.004]
details...
On 17th December 2025, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- SMA 100 - versions 12.4.3-03093 (platform-hotfix) and prior
- SMA 100 - versions 12.5.0-02002 (platform-hotfix) and prior
Update 1:
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 634 | Mozilla Security Advisory. [Published Date: 2025-12-17]
[Id:2025.12.17.005]
details...
On 15th December 2025, Mozilla published security advisories to address vulnerabilities in Firefox for iOS prior to version 144.0.
Review the following advisories and apply the necessary updates:
On 15th December 2025, Mozilla published security advisories to address vulnerabilities in Firefox for iOS prior to version 144.0.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 635 | Drupal Security Advisory. [Published Date: 2025-12-17]
[Id:2025.12.17.006]
details...
On 17th December 2025, Drupal published security advisories to address vulnerabilities in the following products:
- HTTP Client Manager - version 9.3.13
- HTTP Client Manager - versions 10.0.x prior to 10.0.2
- HTTP Client Manager - version 11.0.x prior to 11.0.1
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 636 | Cisco Security Advisory - Update 1. [Published Date: 2025-12-17]
[Id:2025.12.17.007]
details...
On 17th December 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Secure Email Gateway - all versions of AsyncOS with Spam Quarantine feature enabled and exposed on the internet
- Cisco Secure Email and Web Manager - all versions of AsyncOS with Spam Quarantine feature enabled and exposed on the internet
Update 1
Review the following advisories and apply the necessary updates:
| Cisco |
| 637 | Red Hat Security Advisory. [Published Date: 2025-12-16]
[Id:2025.12.16.001]
details...
Between 8th and 14th December 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following Red Hat Security Advisory and apply the necessary updates:
| Red Hat |
| 638 | Microsoft Edge Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.001]
details...
| Microsoft |
| 639 | HPE Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.002]
details...
On 4th December 2025, HPE published a security advisory to address vulnerabilities in HPE ProLiant DL/ML/XD Alletra and Synergy Servers (multiple models) - Intel QuickAssist Technology (QAT) software drivers for MS Windows versions prior to v2.6.0.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 640 | React Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.003]
details...
On 11th December 2025, React published a security advisory to address vulnerabilities in the following products:
- React-server-dom-webpack - versions 19.0.0 to 19.0.1, 19.1.0 to 19.1.2 and 19.2.0 to 9.2.1
- React-server-dom-parcel - versions 19.0.0 to 19.0.1, 19.1.0 to 19.1.2 and 19.2.0 to 9.2.1
- React-server-dom-turbopack - versions 19.0.0 to 19.0.1, 19.1.0 to 19.1.2 and 19.2.0 to 9.2.1
- React-server-dom-webpack - versions 19.0.2, 19.1.3 and 19.2.2
- React-server-dom-parcel - 19.0.2, 19.1.3 and 19.2.2
- React-server-dom-turbopack - versions 19.0.2, 19.1.3 and 19.2.2
Review the following React Security Advisory and apply the necessary updates:
| React |
| 641 | IBM Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.004]
details...
Between 8th and 14th December 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Storage Defender - Resiliency Service - versions 2.0.0 to 2.0.18
- IBM Guardium Data Protection - version 11.5
- IBM Maximo Application Suite - Monitor Component - versions 9.1, 9.0, 8.11 and 8.10
- IBM Edge Data Collector - versions 9.1, 9.0 and 8.11
- IBM Observability with Instana (OnPrem) - versions Build 1.0.283 to 1.0.307
- IBM OmniFind Text Search Server for DB2 for I - versions 1.7, 1.6 and 1.5
- IBM Storage Defender - Data Protect - versions 2.0.0 to 2.0.18
- IBM Business Automation Manager Open Editions - versions 9.0.0 to 9.3.0
- IBM Storage Defender Copy Data Management - versions 2.2.0.0 to 2.2.27.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 642 | Ubuntu Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.005]
details...
Between 8th and 14th December 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 643 | Apple Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.006]
details...
On 12th December 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS - versions prior to 26.2
- iPadOS - versions prior to 26.2
- iOS - versions prior to 18.7.3
- iPadOS - versions prior to 18.7.3
- macOS Tahoe - versions prior to 26.2
- macOS Sequoia - versions prior to 15.7.3
- macOS Sonoma - versions prior to 14.8.3
- tvOS - versions prior to 26.2
- watchOS - versions prior to 26.2
- visionOS - versions prior to 26.2
- Safari - versions prior to 26.2
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 644 | VMware Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.007]
details...
Between 8th and 14th December 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.1.6
- VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.2.1
Review the following advisories and apply the necessary updates:
| Vmware |
| 645 | ConnectWise Security Advisory. [Published Date: 2025-12-15]
[Id:2025.12.15.008]
details...
On 11th December 2025, Microsoft published a security update to address vulnerabilities in the ConnectWise ScreenConnect - versions prior to 25.8.
Review the following ConnectWise Security Advisory and apply the necessary updates:
| ConnectWise |
| 646 | 2025 CWE Top 25 Most Dangerous Software Weaknesses. [Published Date: 2025-12-12]
[Id:2025.12.12.001]
details...
On 11th December 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by the MITRE Corporation, released the 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. This annual list identifies the most critical weaknesses adversaries exploit to compromise systems, steal data, or disrupt services.
The 2025 CWE Top 25:
- Supports Vulnerability Reduction: By focusing on the Top 25, organizations can prioritize lifecycle changes, adopt safer architectural decisions, and reduce high-impact vulnerabilities in injection, access control, and memory safety.
- Drives Cost Efficiencies: Eliminating weaknesses early reduces downstream remediation; addressing them before deployment is more efficient and cost effective than patching, reconfiguring, or responding to emergency incidents.
- Strengthens Customer and Stakeholder Trust: Transparent efforts to identify, mitigate, and monitor weaknesses demonstrate commitment to Secure by Design principles. Organizations that prioritize eliminating recurring weaknesses contribute to a safer software ecosystem.
- Promotes Consumer Awareness: The Top 25 empowers consumers to understand underlying causes of common vulnerabilities, supports more informed purchasing decisions, and encourages adoption of products that follow robust security engineering practices.
Recommendations:
- For Developers and Product Teams: Review the 2025 CWE Top 25 to identify high-priority weaknesses and adopt Secure by Design practices in development.
- For Security Teams: Incorporate the Top 25 into vulnerability management and application security testing to assess and mitigate critical weaknesses.
- For Procurement and Risk Managers: Use the Top 25 as a benchmark when evaluating vendors and apply Secure by Demand guidelines to ensure investment in secure products.
| CISA |
| 647 | Atlassian Security Advisory. [Published Date: 2025-12-12]
[Id:2025.12.12.002]
details...
On 11th December 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Fisheye/Crucible - versions 4.9.0 to 4.9.5, versions 4.8.14 to 4.8.16
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 648 | FreePBX Security Advisory. [Published Date: 2025-12-12]
[Id:2025.12.12.003]
details...
On 9th December 2025, FreePBX published security advisories to address vulnerabilities in the following products:
- FreePBX Security-Reporting framework (FreePBX 16/17) - versions 16.0.44 and prior
- FreePBX Security-Reporting framework (FreePBX 16/17) - versions 17.0.23 and prior
Review the FreePBX security bulletins and apply the required updates. | FreePBX |
| 649 | GitHub Security Advisory. [Published Date: 2025-12-11]
[Id:2025.12.11.001]
details...
On 10th December 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.6.2, 18.5.4 and 18.4.6
- GitLab Enterprise Edition (EE) - versions prior to 18.6.2, 18.5.4 and 18.4.6
Review the following advisories and apply the necessary updates:
| Github |
| 650 | Drupal Security Advisory. [Published Date: 2025-12-11]
[Id:2025.12.11.002]
details...
On 11th December 2025, Drupal published security advisories to address vulnerabilities in the following products:
- Acquia Content Hub - versions 3.6.x prior to 3.6.4
- Acquia Content Hub - versions 3.7.x prior to 3.7.3
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 651 | Google Chrome Security Advisory. [Published Date: 2025-12-11]
[Id:2025.12.11.003]
details...
On 10th December 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 143.0.7499.109/.110 (Windows/Mac) and 143.0.7499.109 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 652 | Adobe Security Advisory. [Published Date: 2025-12-10]
[Id:2025.12.10.001]
details...
On 9th December 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- ColdFusion 2025 - version Update 4 and prior
- ColdFusion 2023 - version Update 16 and prior
- ColdFusion 2021 - version Update 22 and prior
- Adobe Experience Manager (AEM) - version AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) - version 6.5 LTS, version 6.5.23 and prior
- Adobe DNG Software Development Kit (SDK) - version DNG SDK 1.7.0 and prior
- Acrobat DC - version 25.001.20982 and prior
- Acrobat Reader DC - version 25.001.20982 and prior
- Acrobat 2024 (Windows) - version 24.001.30264 and prior
- Acrobat 2024 (Mac) - version 24.001.30273 and prior
- Acrobat 2020 (Windows) - version 20.005.30793 and prior
- Acrobat 2020 (Mac) - version 20.005.30803 and prior
- Acrobat Reader 2020 (Windows) - version 20.005.30793 and prior
- Acrobat Reader 2020 (Mac) - version 20.005.30803 and prior
- Creative Cloud Desktop Application - version 6.4.0.361 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 653 | Ivanti Security Advisory. [Published Date: 2025-12-10]
[Id:2025.12.10.002]
details...
On 9th December 2025, Ivanti published a security advisory to address a vulnerability in Ivanti Endpoint Manager - version 2024 SU4 and prior.
Review the following advisories and apply the necessary updates:
| Ivanti |
| 654 | Jenkins Security Advisory. [Published Date: 2025-12-10]
[Id:2025.12.10.003]
details...
On 9th December 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
- BlazeMeter - version 4.27
- Coverage - version 2.3054.ve1ff7b_a_a_123b_ and prior
- Git client - version 6.4.0 and prior
- HashiCorp Vault - version 371.v884a_4dd60fb_6 and prior
- Redpen - Pipeline Reporter for Jira - version 1.054.v7b_9517b_6b_202 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 655 | SAP security advisory - December 2025 monthly rollup. [Published Date: 2025-12-09]
[Id:2025.12.09.001]
details...
On 9th December 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP Solution Manager - version ST 720
- SAP Commerce Cloud - versions HY_COM 2205, COM_CLOUD 2211 and COM_CLOUD 2211-JDK21
- SAP jConnect - SDK for ASE - versions SYBASE_SOFTWARE_DEVELOPER_KIT 16.0.4 and 16.1
- SAP Web Dispatcher and Internet Communication Manager (ICM) - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, WEBDISP 7.22_EXT, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93 and 9.16
- SAP NetWeaver (remote service for Xcelsius) - versions BI-BASE-E 7.50, BI-BASE-B 7.50, BI-IBC 7.50, BI-BASE-S 7.50 and BIWEBAPP 7.50
- SAP Business Objects - versions ENTERPRISE 430, 2025 and 2027
- SAP Web Dispatcher, Internet Communication Manager and SAP Content Server - versions KRNL64UC 7.53, WEBDISP 7.53, 7.54, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, CONTSERV 7.53, 7.54, KERNEL 7.53 and 7.54
- SAP S/4 HANA Private Cloud (Financials General Ledger) - versions S4CORE 104, 105, 106, 107, 108 and 109
- SAP NetWeaver Internet Communication Framework - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 and SAP_BASIS 758
- Application Server ABAP - versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.16 and 9.17
- SAP NetWeaver Enterprise Portal - version EP-RUNTIME 7.50
- SAPUI5 framework (Markdown-it component) - versions SAP_UI 755, 756, 757 and 758
- SAP Enterprise Search for ABAP - versions SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
Review the SAP Security Patch Day - December 2025 and apply the necessary updates. | SAP |
| 656 | Mozilla Security Advisory. [Published Date: 2025-12-09]
[Id:2025.12.09.002]
details...
On 9th December 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 146
- Firefox ESR - versions prior to 115.31
- Firefox ESR - versions prior to 140.6
Review the following advisories and apply the necessary updates:
| Mozilla |
| 657 | VMware Security Advisory. [Published Date: 2025-12-09]
[Id:2025.12.09.003]
details...
On 9th December 2025, VMware released a security advisory to address multiple vulnerabilities in VMware Tanzu RabbitMQ on Kubernetes - versions prior to 4.1.6 and 4.2.1.
Review the following advisories and apply the necessary updates:
| Vmware |
| 658 | Fortinet Security Advisory. [Published Date: 2025-12-09]
[Id:2025.12.09.004]
details...
On 9th December 2025, Fortinet published a security advisory to address multiple vulnerabilities in FortiCloud SSO Login Authentication Bypass affecting the following products:
- FortiOS,
- FortiWeb,
- FortiProxy
- FortiSwitchManager
Review the following advisories and apply the necessary updates:
| Fortinet |
| 659 | Microsoft Security Advisory - December 2025 monthly rollup. [Published Date: 2025-12-09]
[Id:2025.12.09.005]
details...
On 9th December 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Azure App Gateway
- Azure Bastion Developer
- Azure Monitor
- Azure Monitor Control Service
- Dynamics 365 Field Service (online)
- Dynamics OmniChannel SDK Storage Containers
- Microsoft 365 Apps for Enterprise
- Microsoft 365 Defender Portal
- Microsoft Configuration Manager 2403
- Microsoft Configuration Manager 2409
- Microsoft Configuration Manager 2503
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Office for Android
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Online
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022 version 17.14
- Microsoft Visual Studio Code CoPilot Chat Extension
- Nuance PowerScribe 360
- Nuance PowerScribe One
- Office Online Server
- OneDrive for Android
- PowerScribe One version 2023.1 SP2 Patch 7
- Visual Studio Code
- Windows 10
- Windows 10 Version 1607
- Windows 10 Version 1809
- Windows 10 Version 21H2
- Windows 10 Version 22H2
- Windows 11 Version 22H2
- Windows 11 Version 23H2
- Windows 11 Version 24H2
- Windows 11 Version 25H2
- Windows Server 2008
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
- Windows Server 2025 (Server Core installation)
- Windows Subsystem for Linux GUI
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 660 | IBM Security Advisory. [Published Date: 2025-12-08]
[Id:2025.12.08.001]
details...
Between 1st and 7th December 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM AIX - versions 7.2 and 7.3
- IBM Aspera Shares - versions 1.9.9 to 1.10.1
- IBM Business Automation Workflow - version 24.0.1
- IBM Cloud Pak System - version 2.3.6.0
- IBM Controller - versions 11.1.0 to 11.1.1
- IBM Guardium Data Security Center - version 3.8.5
- IBM Jazz Reporting Service - multiple versions
- IBM Maximo Application Suite Monitor Component - multiple versions
- IBM Process Mining - version 2.0.3 IF001 and 2.0.3
- IBM Use Case Manager App - versions 1.0.0 to 4.0.0
- IBM VIOS - versions 3.1 and 4.1
- IBM Watson Studio on Cloud Pak for Data - versions 4.0.0 to 4.8.9 and versions 5.0.0 to 5.2.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 661 | Dell Security Advisory. [Published Date: 2025-12-08]
[Id:2025.12.08.002]
details...
Between 1st and 7th December 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Microsoft Azure - versions prior to 01.06.02.00
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.02.06.00
- Dell BSAFE SSL-J - versions prior to 7.4
- Dell NetWorker - versions 19.13 to 19.13.0.1
- Dell NetWorker - versions prior to 19.12.0.4
- Dell Networking OS10 - versions prior to 10.5.5.16
- Dell Networking OS10 - versions prior to 10.5.6.11
- Dell PowerEdge XE9680/XE7740 - versions prior to 1.21.0
- Dell PowerFlex Custom Node - multiple versions and models
- Dell PowerStore T Security - multiple versions and models
- Dell VxFlex Ready Node - versions prior to 2.24.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 662 | Ubuntu Security Advisory. [Published Date: 2025-12-08]
[Id:2025.12.08.003]
details...
Between 1st and 7th December 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
- Ubuntu 25.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 663 | Red Hat Security Advisory. [Published Date: 2025-12-08]
[Id:2025.12.08.004]
details...
Between 1st and 7th December 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 664 | WatchGuard Security Advisory. [Published Date: 2025-12-08]
[Id:2025.12.08.005]
details...
On 4th December 2025, WatchGuard published a security advisory to address vulnerabilities in the following products:
- Fireware OS 2025.1 - versions prior to 2025.1.3
- Fireware OS 12.x - versions prior to 12.11.5
- Fireware OS 12.5.x - versions prior to 12.5.14
- Fireware OS 11.x - end of life
Review the WatchGuard security advisory and apply the necessary updates. | WatchGuard |
| 665 | Apache Tika Security Advisory. [Published Date: 2025-12-07]
[Id:2025.12.07.001]
details...
On 4th December 2025, Apache published a security advisory to address vulnerabilities in the following products:
- Apache Tika core (org.apache.tika:tika-core) 1.13 through 3.2.1
- Apache Tika parsers (org.apache.tika:tika-parsers) 1.13 before 2.0.0
- Apache Tika PDF parser module (org.apache.tika:tika-parser-pdf-module) 2.0.0 through 3.2.1
Review the Apache security advisory and apply the necessary updates. | Apache |
| 666 | Microsoft Edge Security Advisory. [Published Date: 2025-12-05]
[Id:2025.12.05.001]
details...
| Microsoft |
| 667 | React Security Advisory. [Published Date: 2025-12-05]
[Id:2025.12.05.002]
details...
On 5th December 2025, React published a security advisory to address vulnerabilities in the following products:
- React Server Components - all versions prior to React 19.0.1, 19.1.2, and 19.2.1
- Next.js 15.x - all versions prior to the patched 15.x release
- Next.js 16.x - all versions prior to the patched 16.x release
- Any frameworks or tools that bundle React Server Components prior to the patched React versions.
Review the provided React Security Advisory and apply the necessary updates. | React |
| 668 | Samsung Mobile Security Advisory. [Published Date: 2025-12-04]
[Id:2025.12.04.001]
details...
On 4th December 2025, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-DEC-2025.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 669 | Drupal Security Advisory. [Published Date: 2025-12-04]
[Id:2025.12.04.002]
details...
On 3rd December 2025, Drupal published security advisories to address vulnerabilities in the following products:
- Mini site - versions prior to 3.0.2
- CKEditor 5 Premium Features - multiple versions
- AI (Artificial Intelligence) - multiple versions
- Login Time Restriction - versions prior to 1.0.3
- Tagify - versions prior to 1.2.44
- Next.js - versions prior to 1.6.4, version 2.0.0 to version prior to 2.0.1
- Entity Share - versions prior to 3.x-3.13, versions prior to 3.13.0
- Disable Login Page - versions prior to 1.1.3
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 670 | HPE Security Advisory. [Published Date: 2025-12-04]
[Id:2025.12.04.003]
details...
On 4th December 2025, HPE published a security advisory to address vulnerabilities in HP-UX OpenSSL Software - versions prior to A.03.00.17.001.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 671 | Google Chrome Security Advisory. [Published Date: 2025-12-03]
[Id:2025.12.03.001]
details...
On 2nd December 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 143.0.7499.40/41 (Windows/Mac) and 143.0.7499.40 (Linux).
Review the Google security bulletins and apply the required updates. | Google |
| 672 | GitHub Security Advisory. [Published Date: 2025-12-03]
[Id:2025.12.03.002]
details...
On 2nd December 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - version 3.19.0-rc.1
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.2
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.8
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.11
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.15
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.20
Review the following advisories and apply the necessary updates:
| Github |
| 673 | Splunk Security Advisory. [Published Date: 2025-12-03]
[Id:2025.12.03.003]
details...
On 3rd December 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - multiple versions
- Splunk Cloud Platform - multiple versions
- Splunk Secure Gateway - multiple versions
- Splunk MCP Server - versions prior to 0.2.4
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 674 | OpenVPN Security Advisory. [Published Date: 2025-12-02]
[Id:2025.12.02.001]
details...
On 18th November 2025, OpenVPN published a security bulletin to address vulnerabilities in OpenVPN - versions 2.7_alpha1 to 2.7_rc1.
Review the following advisories and apply the necessary updates:
| OpenVPN |
| 675 | Android security advisory - December 2025 Monthly Rollup. [Published Date: 2025-12-02]
[Id:2025.12.02.002]
details...
On 1st December 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 676 | Apache Struts Security Advisory. [Published Date: 2025-12-02]
[Id:2025.12.02.003]
details...
On 11th November 2025, Apache published a security advisory to address vulnerabilities in the following products:
- Apache Struts - versions Struts 2.0.0 to Struts 2.3.37 (EOL)
- Apache Struts - versions Struts 2.5.0 to Struts 2.5.33 (EOL)
- Apache Struts - versions Struts 6.0.0 to Struts 6.7.0
- Apache Struts - versions Struts 7.0.0 to Struts 7.0.3
Review the Apache security advisory and apply the necessary updates. | Apache |
| 677 | HPE Security Advisory. [Published Date: 2025-12-02]
[Id:2025.12.02.004]
details...
On 2nd December 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE TeMIP - version 8.5.0
- HPE Telco Unified OSS Console - versions prior to v3.1.17
- HPE Telco Network Function Virtual Orchestrator - versions v7.4.0 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 678 | IBM Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.001]
details...
Between 24th and 30th December 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Astronomer with IBM - versions 1.0.0 to 1.0.1
- IBM QRadar Deployment Intelligence App - versions 1.0.0 to 3.0.18
- IBM Spectrum Control - versions 5.4 to 5.4.13.1
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 1.12.0
- IBM watsonx Orchestrate Developer Edition - versions 1.4.0 to 1.14.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 679 | Dell Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.002]
details...
Between 24th and 30th November 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Microsoft Azure - versions prior to 01.05.02.00
- Dell CloudBoost Virtual Appliance - versions prior to 19.13.0.2
- Dell CyberSense - versions prior to 8.15
- Dell NetWorker - versions 17.0.2 and 8.0.26
- Dell NetWorker - versions prior to 19.13.0.2
- Dell PowerEdge T40 - versions prior to 1.22.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 680 | Ubuntu Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.003]
details...
Between 24th and 30th November 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 681 | HPE Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.004]
details...
On 30th November 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Superdome Flex 280 Server - versions prior to 2.05.12
- HPE Compute Scale-up Server 3200 - versions prior to 1.60.88
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 682 | Red Hat Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.005]
details...
Between 24th and 30th November 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 683 | VMware Security Advisory. [Published Date: 2025-12-01]
[Id:2025.12.01.006]
details...
Between 30th November and 1st December 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire - versions prior to 10.1.5
- VMware Tanzu Greenplum - versions prior to 6.31.1
- VMware Tanzu Greenplum - versions prior to 7.6.1
- VMware Tanzu Data Flow on Tanzu Platform - versions prior to 2.0.1
- .NET Core Buildpack - versions prior to 2.4.67
Review the Security Advisories - Tanzu and apply the necessary updates. | Vmware |
| 684 | Qualcomm Security Advisory - December 2025 monthly rollup. [Published Date: 2025-12-01]
[Id:2025.12.01.007]
details...
On 1st December 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 685 | GitHub Security Advisory. [Published Date: 2025-11-26]
[Id:2025.11.26.001]
details...
On 26th November 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.6.1, 18.5.3 and 18.4.5
- GitLab Enterprise Edition (EE) - versions prior to 18.6.1, 18.5.3 and 18.4.5
Review the following advisories and apply the necessary updates:
| Github |
| 686 | Splunk Security Advisory. [Published Date: 2025-11-26]
[Id:2025.11.26.002]
details...
On 26th November 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk SOAR - versions prior to 7.0.0
- Splunk Add-on for Palo Alto Networks - versions prior to 2.0.2
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 687 | Dell Security Advisory. [Published Date: 2025-11-24]
[Id:2025.11.24.001]
details...
Between 18th and 23rd November 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell ObjectScale - versions prior to 4.1.0.1
- Dell PowerProtect Cyber Recovery - version 19.21.0.1 and prior
- Dell PowerProtect Cyber Recovery SLES - versions prior to 15.4.0-10
- Dell PowerProtect Data Manager - versions prior to 19.22
- Dell Storage Monitoring and Reporting - versions prior to 5.1.1.1 and versions prior to 6.0.0.0
- Dell Storage Resource Manager - versions prior to 5.1.1.1 and versions prior to 6.0.0.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 688 | IBM Security Advisory. [Published Date: 2025-11-24]
[Id:2025.11.24.002]
details...
Between 17th to 23rd November 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 689 | Ubuntu Security Advisory. [Published Date: 2025-11-24]
[Id:2025.11.24.003]
details...
Between 17th November and 23rd November 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 690 | VMware Security Advisory. [Published Date: 2025-11-24]
[Id:2025.11.24.004]
details...
Between 17th November and 23rd November 2025, VMware released a security advisory addressing multiple vulnerabilities in its products.
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 691 | Red Hat Security Advisory. [Published Date: 2025-11-24]
[Id:2025.11.24.005]
details...
Between 17th November and 23rd November 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 692 | HPE Security Advisory. [Published Date: 2025-11-21]
[Id:2025.11.21.001]
details...
On 20th November 2025, HPE published a security advisory to address vulnerabilities in HPE Telco Service Activator - versions 10.3.3 and prior.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 693 | SonicWall Security Advisory. [Published Date: 2025-11-20]
[Id:2025.11.20.001]
details...
On 19th November 2025, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Email Security (multiple models) - version 10.0.33.8195 and prior
- Gen7 hardware Firewalls (multiple models) - version 7.3.0-7012 and prior
- Gen7 virtual Firewalls (NSv) (multiple models) - version 7.3.0-7012 and prior
- Gen8 Firewalls (multiple models) - version 8.0.2-8011 and prior
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 694 | VMware Security Advisory. [Published Date: 2025-11-20]
[Id:2025.11.20.002]
details...
On 20th November 2025, VMware released a security advisory addressing multiple vulnerabilities in its products.
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 695 | VMware Security Advisory. [Published Date: 2025-11-19]
[Id:2025.11.19.001]
details...
On 18th November 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire - versions prior to 10.1.5
- VMware Tanzu Greenplum - versions prior to 6.31.1
- VMware Tanzu Greenplum - versions prior to 7.6.1
- VMware Tanzu Data Flow on Tanzu Platform - versions prior to 2.0.1
- .NET Core Buildpack - versions prior to 2.4.67
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 696 | Atlassian Security Advisory. [Published Date: 2025-11-19]
[Id:2025.11.19.002]
details...
On 18th November 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 697 | Microsoft Edge Security Advisory. [Published Date: 2025-11-19]
[Id:2025.11.19.003]
details...
| Microsoft |
| 698 | SolarWinds Security Advisory. [Published Date: 2025-11-19]
[Id:2025.11.19.004]
details...
On 18th November 2025, SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SolarWinds Serv-U - version 15.5.2.2.102
- SolarWinds Serv-U Broken Access Control - version 15.5.2.2.102
- SolarWinds Observability Self-Hosted - version 2025.4 and prior
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 699 | 7-Zip Security Advisory. [Published Date: 2025-11-19]
[Id:2025.11.19.005]
details...
On 18th August 2025, 7-Zip released a new version to address a vulnerability in versions prior to 25.0.
Review the 7-Zip update test and deploy vendor-released updates on affected platforms accordingly. | 7-Zip |
| 700 | Google Chrome Security Advisory. [Published Date: 2025-11-18]
[Id:2025.11.18.001]
details...
On 17th November 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 142.0.7444.175/.176 (Windows/Mac) and 142.0.7444.175 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 701 | Zyxel Security Advisory. [Published Date: 2025-11-18]
[Id:2025.11.18.002]
details...
On 18th November 2025, Zyxel published security advisories to address vulnerabilities in the following products:
- 4G LTE/5G NR CPE - multiple versions and models
- DSL/Ethernet CPE - multiple versions and models
- Fiber ONTs - multiple versions and models
- Security Routers - version 1.10(ACGN.3)C0 and prior
- Wireless Extenders - multiple versions and models
Review the following advisories and apply the necessary updates:
| Zyxel |
| 702 | HPE Security Advisory. [Published Date: 2025-11-18]
[Id:2025.11.18.003]
details...
On 18th November 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Aruba Networking AOS-CX - multiple versions and platforms
- HPE Aruba Networking Management Software (AirWave) - versions 8.3.0.4 and prior
- HPE Aruba Networking 100 Series Cellular Bridge AOS-10.7.1.x - versions 10.7.1.1 and prior
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 703 | Fortinet Security Advisory. [Published Date: 2025-11-18]
[Id:2025.11.18.004]
details...
On 18th November 2025, Fortinet published security advisories to address vulnerabilities in multiple products.
Review the following advisories and apply the necessary updates:
| Fortinet |
| 704 | IBM Security Advisory. [Published Date: 2025-11-17]
[Id:2025.11.17.001]
details...
Between 10th and 16th November 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 705 | Dell Security Advisory. [Published Date: 2025-11-17]
[Id:2025.11.17.002]
details...
Between 10th and 16th November 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell AMD-based PowerEdge Server - multiple versions
- Dell Alienware X16 R2 - versions prior to 32.0.100.4239
- Dell Data Lakehouse - versions prior to 1.6.0.0
- Dell Inspiron 14 Plus 7440 - versions prior to 32.0.100.4239
- Dell Inspiron 16 7640 2-in-1 - versions prior to 32.0.100.4239
- Dell Inspiron 16 Plus 7640 - versions prior to 32.0.100.4239
- Dell Intel E810 Adapters and Intel E823 LOM - versions prior to 24.0.0
- Dell NetWorker - versions prior to 19.12.0.3
- Dell Networking OS10 - versions prior to 10.6.1.0
- Dell PowerFlex Appliance - versions prior to IC 48.378.00 and IC 48.383.00
- Dell PowerFlex Software - versions prior to 4.8.0
- Dell PowerFlex rack - versions prior to 3.7.7.0 and 3.8.2.0
- Dell PowerScale OneFS - multiple versions
- Dell Pro Max Slim FCS1250 - versions prior to 32.0.100.4239
- Dell Pro Slim Plus QBS1250/Dell Pro Slim QCS1250 - versions prior to 32.0.100.4239
- Dell Slim ECS1250 - versions prior to 32.0.100.4239
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 706 | Ubuntu Security Advisory. [Published Date: 2025-11-17]
[Id:2025.11.17.003]
details...
Between 10th November and 16th November 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 707 | Red Hat Security Advisory. [Published Date: 2025-11-17]
[Id:2025.11.17.004]
details...
Between 10th November and 16th November 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 708 | Splunk Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.001]
details...
On 12th November 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - multiple versions
- Splunk Cloud Platform - multiple versions
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 709 | Microsoft Edge Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.002]
details...
| Microsoft |
| 710 | HPE Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.003]
details...
On 13th November 2025, HPE published a security advisory to address vulnerabilities in HPE SimpliVity 325 Gen10 Plus - version prior to HPE SimpliVity Gen10 Support Pack (SVTSP) 2025_0630.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 711 | Samsung Mobile Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.004]
details...
On 4th November 2025, Samsung published a security advisory to address vulnerabilities in Samsung mobile devices - versions prior to SMR-NOV-2025.
Review the Samsung Security Updates and apply the necessary updates. | Samsung |
| 712 | Fortinet Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.005]
details...
On 14th November 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiWeb - versions 8.0.0 to 8.0.1
- FortiWeb - versions 7.6.0 to 7.6.4
- FortiWeb - versions 7.4.0 to 7.4.9
- FortiWeb - versions 7.2.0 to 7.2.11
- FortiWeb - versions 7.0.0 to 7.0.11
Review the following advisories and apply the necessary updates:
| Fortinet |
| 713 | Cisco Security Advisory. [Published Date: 2025-11-14]
[Id:2025.11.14.006]
details...
On 13th November 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Catalyst Center Hardware Appliance - versions prior to 2.3.7.10
- Cisco Catalyst Center Virtual Appliance - versions prior to 2.3.7.10-VA
Review the Cisco Security Advisories and apply the necessary updates. | Cisco |
| 714 | Drupal Security Advisory. [Published Date: 2025-11-13]
[Id:2025.11.13.001]
details...
On 12th November 2025, Drupal published security advisories to address vulnerabilities Drupal core - version 8.0.0 to versions prior to 10.4.9, version 10.5.0 to versions prior to 10.5.6, version 11.0.0 to versions prior to 11.1.9 and version 11.2.0 to versions prior to 11.2.8.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 715 | GitHub security advisory. [Published Date: 2025-11-13]
[Id:2025.11.13.002]
details...
On 12th November 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.5.2, 18.4.4 and 18.3.6
- GitLab Enterprise Edition (EE) - versions prior to 18.5.2, 18.4.4 and 18.3.6
Review the following advisories and apply the necessary updates:
| Github |
| 716 | SAP security advisory - November 2025 monthly rollup. [Published Date: 2025-11-12]
[Id:2025.11.12.002]
details...
On 10th November 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SQL Anywhere Monitor (Non-Gui) - version SYBASE_SQL_ANYWHERE_SERVER 17.0;
- SAP Solution Manager - version ST 720;
- SAP CommonCryptoLib - version CRYPTOLIB 8;
- SAP HANA JDBC Client - version HDB_CLIENT 2.0;
- SAP Business Connector - version SAP BC 4.8;
- SAP NetWeaver Enterprise Portal - versions EP-BASIS 7.50 et EP-RUNTIME 7.50;
- SAP S/4HANA landscape (SAP E-Recruiting BSP) - versions S4ERECRT 100, 200, ERECRUIT 600, 603, 604, 605, 606, 616, 617, 800, 801 et 802;
- SAP HANA 2.0 (hdbrss) - version HDB 2.00;
- SAP GUI for Windows - versions BC-FES-GUI 8.00 et 8.10;
- SAP Starter Solution (PL SAFT) - versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, SAP_FIN 617, 618, 700, 720, 730, S4CORE 100, 101, 102, 103 et 104;
- SAP NetWeaver Application Server Java - versions ENGINEAPI 7.50 et EP-BASIS 7.50;
- SAP Business One (SLD) - versions B1_ON_HANA 10.0 et SAP-M-BO 10.0;
- SAP S4CORE (Manage Journal Entries) - versions S4CORE 104, 105, 106, 107 et 108;
- SAP NetWeaver Application Server for ABAP - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816;
- SAP NetWeaver Application Server for ABAP (Migration Workbench) - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816.
Review the SAP Security Patch Day – November 2025 and apply the necessary updates. | SAP |
| 717 | Citrix Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.003]
details...
On 11th November 2025, Citrix published security advisories to address vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 1-56.73
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 1-60.32
- NetScaler ADC 13.1-FIPS and NDcPP - versions prior to 1-37.250-FIPS and NDcPP
- NetScaler ADC 12.1-FIPS and NDcPP - versions prior to 1-55.333-FIPS and NDcPP
Review the following advisories and apply the necessary updates:
| Citrix |
| 718 | Google Chrome Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.004]
details...
On 11th November 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 142.0.7444.162/.163 (Windows/Mac) and 142.0.7444.162 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 719 | HPE Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.005]
details...
On 11th November 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE ProLiant DL/XL servers - multiple versions and platforms
- HPE ProLiant DL, and Synergy Servers - multiple versions and platforms
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 720 | Intel Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.006]
details...
On 11th November 2025, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 721 | Microsoft Edge Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.007]
details...
| Microsoft |
| 722 | Ivanti Security Advisory. [Published Date: 2025-11-12]
[Id:2025.11.12.008]
details...
On 10th November 2025, Ivanti published a security advisory to address a vulnerability in Ivanti Endpoint Manager - version 2024 SU3 SR1 and prior.
Review the following advisories and apply the necessary updates:
| Ivanti |
| 723 | GitHub security advisory [Published Date: 2025-11-12]
[Id:2025.11.12.001]
details...
On 10th November 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.18.x prior to 3.18.1
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.7
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.10
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.14
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.19
Review the following advisories and apply the necessary updates:
| Github |
| 724 | Palo Alto Networks Security Advisory. [Published Date: 2025-11-11]
[Id:2025.11.11.004]
details...
On 10th November 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- PAN-OS 11.2 - multiple versions
- PAN-OS 11.1 - multiple versions
- PAN-OS 10.2 - multiple versions
- Prisma Access - multiple versions
- Prisma Browser - version prior to 142.15.2.60
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 725 | Mozilla Security Advisory. [Published Date: 2025-11-11]
[Id:2025.11.11.001]
details...
On 11th November 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox versions prior to 145
- Firefox ESR versions prior to 115.30
- Firefox ESR versions prior to 140.5
Review the following advisories and apply the necessary updates:
| Mozilla |
| 726 | Microsoft Security Advisory - November 2025 monthly rollup. [Published Date: 2025-11-11]
[Id:2025.11.11.002]
details...
On 11th November 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Nuance PowerScribe
- Microsoft Configuration Manager
- Microsoft Office Excel
- SQL Server
- Azure Monitor Agent
- Windows Smart Card
- Windows DirectX
- Windows Speech
- Windows Routing and Remote Access Service (RRAS)
- Windows WLAN Service
- Customer Experience Improvement Program (CEIP)
- Windows Bluetooth RFCOM Protocol Driver
- Microsoft Streaming Service
- Windows Broadcast DVR User Service
- Windows Remote Desktop
- Windows Kerberos
- Windows Client-Side Caching (CSC) Service
- Role: Windows Hyper-V
- Multimedia Class Scheduler Service (MMCSS)
- Storvsp.sys Driver
- Windows Common Log File System Driver
- Host Process for Windows Tasks
- Windows OLE
- Windows Administrator Protection
- Windows Ancillary Function Driver for WinSock
- Windows TDX.sys
- OneDrive for Android
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Dynamics 365 (on-premises)
- Windows License Manager
- Dynamics 365 Field Service (online)
- Visual Studio
- Windows Kernel
- Microsoft Wireless Provisioning System
- Windows Subsystem for Linux GUI
- Visual Studio Code CoPilot Chat Extension
- GitHub Copilot and Visual Studio Code
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 727 | Adobe Security Advisory. [Published Date: 2025-11-11]
[Id:2025.11.11.003]
details...
On 11th November 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe InDesign ID20.5 and earlier versions
- Adobe InDesign ID19.5.5 and earlier versions
- Adobe InCopy 20.5 and earlier versions
- Adobe InCopy 19.5.5 and earlier versions
- Photoshop 2025 26.8.1 and earlier versions
- Illustrator 2025 29.8.2 and earlier versions
- Illustrator 2024 28.7.10 and earlier versions
- Adobe Illustrator on iPad 3.0.9 and earlier versions
- Adobe Pass Authentication Android SDK 3.7.3 and earlier versions
- Adobe Substance 3D Stager 3.1.5 and earlier versions
- Adobe Format Plugins 1.1.1 and earlier versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 728 | IBM Security Advisory. [Published Date: 2025-11-10]
[Id:2025.11.10.001]
details...
Between 3rd and 9th November 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 729 | Dell Security Advisory. [Published Date: 2025-11-10]
[Id:2025.11.10.002]
details...
Between 3rd November and 9th November 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.04.02.00
- Dell Enterprise SONiC Distribution - versions prior to 4.5.1
- Dell NetWorker - versions prior to 19.12.0.3
- Dell PowerSwitch S5448F-ON - versions prior to v3.52.5.1-12
- Dell PowerSwitch Z9264F-ON - versions prior to 3.42.5.1-21
- Dell PowerSwitch Z9432F-ON - versions prior to 3.51.5.1-21
- Dell iDRAC10 - versions prior to 1.20.25.00
- Dell iDRAC9 - versions 6.10.80.00 to 7.20.10.50
- Dell iDRAC9 - versions prior to 7.00.00.181
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 730 | Red Hat Security Advisory. [Published Date: 2025-11-10]
[Id:2025.11.10.003]
details...
Between 3rd November and 9th November 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 731 | Ubuntu Security Advisory. [Published Date: 2025-11-09]
[Id:2025.11.09.001]
details...
Between 3rd November and 9th November 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 732 | Apple Security Advisory. [Published Date: 2025-11-07]
[Id:2025.11.07.001]
details...
On 5th November 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS - versions prior to 18.7.2
- iPadOS - versions prior to 18.7.2
Review the following advisories and apply the necessary updates:
| Apple |
| 733 | Google Chrome Security Advisory. [Published Date: 2025-11-07]
[Id:2025.11.07.002]
details...
On 5th November 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 142.0.7444.134/.135 (Windows/Mac) and 142.0.7444.134 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 734 | Drupal Security Advisory. [Published Date: 2025-11-07]
[Id:2025.11.07.003]
details...
On 5th November 2025, Drupal published security advisories to address vulnerabilities in the following product:
- Email TFA - versions prior to 2.0.6
- Simple multi step form - versions prior to 2.0.0
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 735 | Microsoft Edge Security Advisory. [Published Date: 2025-11-07]
[Id:2025.11.07.004]
details...
| Microsoft |
| 736 | Qualcomm Security Advisory - November 2025 monthly rollup. [Published Date: 2025-11-07]
[Id:2025.11.07.005]
details...
On 3rd November 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates.
| Qualcomm |
| 737 | Cisco Security Advisory. [Published Date: 2025-11-05]
[Id:2025.11.05.001]
details...
On 5th November 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Identity Services Engine - multiple versions
- Cisco Unified Contact Center Express - versions 12.5 SU3 and prior
- Cisco Unified Contact Center Express - version 15.0
- Cisco Unified Intelligence Center - versions 12.6 and prior
- Cisco Unified Intelligence Center - version 15.0
Review the following advisories and apply the necessary updates:
| Cisco |
| 738 | Apple Security Advisory. [Published Date: 2025-11-04]
[Id:2025.11.04.001]
details...
On 3rd November 2025, Apple published security updates to address vulnerabilities in the following products:
- Safari - versions prior to 26.1
- Xcode - versions prior to 26.1
- iOS and iPadOS - versions prior to 26.1
- macOS Sequoia - versions prior to 15.7.2
- macOS Sonoma - versions prior to 14.8.2
- macOS Tahoe - versions prior to 26.1
- tvOS - versions prior to 26.1
- visionOS - versions prior to 26.1
- watchOS - versions prior to 26.1
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 739 | Android security advisory - November 2025 Monthly Rollup. [Published Date: 2025-11-04]
[Id:2025.11.04.002]
details...
On 3rd November 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 740 | VMware Security Advisory. [Published Date: 2025-11-04]
[Id:2025.11.04.003]
details...
Between 3rd and 4th November 2025, VMware published security advisories to address vulnerabilities in the following products:
- Cloud Service Broker for AWS for VMware Tanzu Platform - versions prior to 1.15.0
- VMware Tanzu RabbitMQ on Kubernetes - versions 3.13.10, 4.0.15, 4.1.4 and 4.2.0
- VMware Tanzu Greenplum Backup and Restore - versions prior to 1.32.1
- VMware Tanzu Greenplum Upgrade - versions prior to 1.10.1
- VMware Tanzu Greenplum Streaming Server - versions prior to 2.2.0
- VMware Tanzu Greenplum Data Copy Utility - versions prior to 2.9.0
- VMware Tanzu Greenplum SQL Editor - versions prior to 1.2.0
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 741 | Tenable Security Advisory. [Published Date: 2025-11-04]
[Id:2025.11.04.004]
details...
On 3rd November 2025, Tenable has released security updates to address vulnerabilities affecting the Tenable Identity Exposure - On-premises LTS - version prior to 3.77.14.
Review the following Tenable Security Advisory and apply the necessary updates:
| Tenable |
| 742 | Security Advisory of CWP (aka Control Web Panel or CentOS Web Panel). [Published Date: 2025-11-04]
[Id:2025.11.04.005]
details...
On 22nd June 2025, a vulnerability was discovered in CWP (aka Control Web Panel or CentOS Web Panel) that could allow remote code execution. CWP, or Control Web Panel (before 0.9.8.1205), is a free server administration tool for enterprise Linux distributions.
Review the Security Updates, apply the necessary updates, check the change log, and identify other vendors that use this software on vulnerable systems and update as recommended. | CWP |
| 743 | IBM Security Advisory. [Published Date: 2025-11-03]
[Id:2025.11.03.001]
details...
Between 27th October and 2nd November 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 744 | Dell Security Advisory. [Published Date: 2025-11-03]
[Id:2025.11.03.002]
details...
Between 27th October and 2nd November 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Microsoft Azure - versions prior to 01.06.01.00
- Dell Avamar Data Store Gen4T - versions 19.12, 19.10-SP1, 19.10, 19.9, 19.8 and 19.7
- Dell Avamar Data Store Gen5A - versions 19.12, 19.10-SP1, 19.10, 19.9, 19.8 and 19.7
- Dell Avamar Network Data Management Protocol (NDMP) Accelerator - versions 19.12, 19.10-SP1, 19.10, 19.9, 19.8 and 19.7
- Dell Avamar VMware Image Backup Proxy - versions 19.12, 19.10-SP1, 19.10, 19.9, 19.8 and 19.7
- Dell Avamar Virtual Edition - versions 19.12, 19.10-SP1, 19.10, 19.9, 19.8 and 19.7
- Dell CloudLink - versions 8.0 to 8.1.2
- Dell CloudLink - versions prior to 8.1.1
- Dell CloudLink - versions prior to 8.2
- Dell Networker Virtual Edition (NVE) - versions 19.5, 19.6, 19.7, 19.8, 19.9, 19.10, 19.11 and 19.12
- Dell Policy Manager for Secure Connect Gateway - Appliance – versions prior to 5.32.00.18
- Dell PowerProtect DP Series Appliance (IDPA) - versions prior to 2.7.9
- Dell PowerSwitch Z9264F-ON - versions prior to 3.42.5.1-21
- Dell Protection Advisor - versions 19.11 to 19.12 SP1
- Dell Secure Connect Gateway-Appliance - versions 5.26.00 to 5.30.00
- Dell Secure Connect Gateway-Application - versions 5.26.00 to 5.30.00
- Dell Unity - versions prior to 5.5.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 745 | Ubuntu Security Advisory. [Published Date: 2025-11-03]
[Id:2025.11.03.003]
details...
Between 27th October and 2nd November 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 746 | Red Hat Security Advisory. [Published Date: 2025-11-03]
[Id:2025.11.03.004]
details...
Between 27th October and 2nd November 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 747 | Microsoft Edge Security Advisory. [Published Date: 2025-11-03]
[Id:2025.11.03.005]
details...
| Microsoft |
| 748 | SonicWall Security Advisory. [Published Date: 2025-10-31]
[Id:2025.10.31.001]
details...
On 30th October 2025, SonicWall published a security advisory to address vulnerabilities in SMA 100 Series (SMA 210, 410, 500v) - version 10.2.2.2-92sv and prior.
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 749 | Progress Security Advisory [Published Date: 2025-10-31]
[Id:2025.10.31.002]
details...
On 29th October 2025, Progress published a security update to address vulnerabilities in the following products.
- MOVEit Transfer - version 2025.0.2 (17.0.2) and prior
- MOVEit Transfer - version 2024.1. 6 (16.1.6) and prior
- MOVEit Transfer - version 2023.1.15 (15.1.15) and prior
- MOVEit Transfer - version 2023.1.15 (15.1.15) and prior
- MOVEit Transfer - version 2023.0 and prior
- MOVEit Transfer - version 2024.0 and prior
Review the MOVEit Transfer Vulnerability - CVE-2025-10932 (29th October, 2025) and apply the required updates. | progress |
| 750 | HPE Security Advisory. [Published Date: 2025-10-31]
[Id:2025.10.31.003]
details...
On 30th October 2025, HPE published a security advisory to address vulnerabilities in HPE HPE Private Cloud AI - versions prior to 1.7.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 751 | Drupal Security Advisory. [Published Date: 2025-10-30]
[Id:2025.10.30.001]
details...
On 29th October 2025, Drupal published security advisories to address vulnerabilities Simple OAuth (OAuth2) & OpenID Connect - versions 6.0.0 to versions prior to 6.0.7.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 752 | VMware Security Advisory. [Published Date: 2025-10-29]
[Id:2025.10.29.001]
details...
On 28th October 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire Management Console - versions prior to 1.4.1
- VMware Tanzu for Valkey - versions prior to 7.2.11
- VMware Tanzu for Valkey - versions prior to 8.0.5
- VMware Tanzu for Valkey - versions prior to 8.0.6
- VMware Tanzu for Valkey - versions prior to 8.1.4
- VMware Tanzu for Valkey on Kubernetes - versions prior to 3.2.0
- VMware Tanzu GemFire - versions prior to 10.2.0
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 753 | Google Chrome Security Advisory. [Published Date: 2025-10-29]
[Id:2025.10.29.002]
details...
On 28th October 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 142.0.7444.59/60 (Windows/Mac) and 142.0.7444.59 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 754 | Jenkins Security Advisory. [Published Date: 2025-10-29]
[Id:2025.10.29.003]
details...
On 29th October 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
- SAML Plugin - version 4.583.vc68232f7018a_ and prior
- MCP Server Plugin - 0.84.v50ca_24ef83f2 and prior
- Extensible Choice Parameter Plugin - 239.v5f5c278708cf and prior
- JDepend Plugin - 1.3.1 and prior
- Eggplant Runner Plugin - 0.0.1.301.v963cffe8ddb_8 and prior
- Themis Plugin - 1.4.1 and prior
- Start Windocks Containers Plugin - 1.4 and prior
- azure-cli Plugin - 0.9 and prior
- Nexus Task Runner Plugin - 0.9.2 and prior
- OpenShift Pipeline Plugin - 1.0.57 and prior
- ByteGuard Build Actions Plugin - 1.0 and prior
- Curseforge Publisher Plugin - 1.0 and prior
- Publish to Bitbucket Plugin - version 0.4 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 755 | Docker Security Advisory. [Published Date: 2025-10-29]
[Id:2025.10.29.004]
details...
On 27th October 2025, Docker published security updates to address a vulnerability affecting Docker Compose - versions prior to v2.40.2.
Review the Docker security bulletins and apply the required updates. | Docker |
| 756 | Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287. [Published Date: 2025-10-29]
[Id:2025.10.29.005]
details...
On 29th October 2025, Microsoft released an update to address a critical remote code execution vulnerability impacting Windows Server Update Service (WSUS) in Windows Server (2012, 2016, 2019, 2022, and 2025), CVE-2025-59287, that a prior update did not fully mitigate.
Organizations must implement Microsoft's updated Windows Server Update Service (WSUS) Remote Code Execution Vulnerability guidance, 1 or risk an unauthenticated actor achieving remote code execution with system privileges. Immediate actions for organizations with affected products are:
(Updated 29th October, 2025):
- Identify servers vulnerable to exploitation (i.e., affected servers with WSUS Server Role enabled and ports open to TCP 8530/TCP 8531) for priority mitigation:
- Run the following command in PowerShell to check if WSUS is in an installed state:
Get-WindowsFeature -Name UpdateServices; and/or
- Leverage the Server Manager Dashboard to check whether WSUS enablement is turned on as a Server Role.
- Apply the out-of-band security update released on 23rd October, 2025, to all servers identified in Step 1. Reboot WSUS server(s) after installation to complete mitigation. If organizations are unable to apply the update immediately, system administrators should disable the WSUS Server Role and/or block inbound traffic to ports TCP 8530/TCP 8531, the default listeners for WSUS, at the host firewall. Of note, do not undo either of these workarounds until your organization has installed the update.
- Apply updates to the remaining Windows servers. Reboot servers after installation to complete mitigation.
In addition to checking for endpoint security platform events, CISA recommends that potentially affected organizations investigate signs of threat activity on their networks:
- Monitor and vet suspicious activity and child processes spawned with SYSTEM-level permissions, particularly those originating from
wsusservice.exe and/or w3wp.exe. Keep in mind:
- These child processes may represent legitimate activity, and
- Exploitation of CVE-2025-59287 on the target system could involve additional services beyond WSUS parent processes.
- Monitor and vet nested PowerShell processes using base64-encoded PowerShell commands.
See the following resources for additional guidance on this vulnerability:
| Microsoft |
| 757 | Splunk Security Advisory. [Published Date: 2025-10-29]
[Id:2025.10.29.006]
details...
On 29th October 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk AppDynamics Machine Agent - versions prior to 25.7.0
- Splunk AppDynamics Private Synthetic Agent - versions prior to 25.7.0
- Splunk AppDynamics Analytics Agent - versions prior to 25.7.0
- Splunk Operator for Kubernetes Add-on - versions prior to 3.0.0
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 758 | Apache Security Advisory. [Published Date: 2025-10-28]
[Id:2025.10.28.001]
details...
On 27th October 2025, Apache published a security advisory to address vulnerabilities in the following products:
- Apache Tomcat - versions 11.0.0-M1 to 11.0.10
- Apache Tomcat - versions 10.1.0-M1 to 10.1.44
- Apache Tomcat - versions 9.0.0.M11 to 9.0.108
- Apache Tomcat - versions 9.0.0.40 to 9.0.108
Review the following advisories and apply the necessary updates:
| Apache |
| 759 | Veeam Security Advisory. [Published Date: 2025-10-28]
[Id:2025.10.28.002]
details...
On 14th October 2025, Veeam published security advisories to address vulnerabilities in Veeam Backup & Replication - version 12.3.2.3617 and prior.
Review the following advisories and apply the necessary updates:
| Veeam |
| 760 | Mozilla Security Advisory. [Published Date: 2025-10-28]
[Id:2025.10.28.003]
details...
On 28th October 2025, Mozilla published security advisories to address vulnerabilities in Firefox versions prior to 144.0.2.
Review the following advisories and apply the necessary updates:
| Mozilla |
| 761 | IBM Security Advisory. [Published Date: 2025-10-27]
[Id:2025.10.27.001]
details...
Between 20th October and 26th October 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 762 | Dell Security Advisory. [Published Date: 2025-10-27]
[Id:2025.10.27.002]
details...
Between 20th and 26th October 2025, Dell published security advisories to address Dell Storage Manager - versions prior to 2020 R1.22.
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 763 | Ubuntu Security Advisory. [Published Date: 2025-10-27]
[Id:2025.10.27.003]
details...
Between 20th and 26th October 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 764 | Red Hat Security Advisory. [Published Date: 2025-10-27]
[Id:2025.10.27.004]
details...
Between 20th and 26th October 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 765 | HashiCorp (An IBM Company) Security Advisory. [Published Date: 2025-10-27]
[Id:2025.10.27.005]
details...
On 23rd October 2025, WhatsApp published security advisories to address vulnerabilities in multiple products.
- Vault Community - version 1.21.0
- Vault Enterprise - versions prior to 1.21.0, 1.20.5, 1.19.11 and 1.16.27
Review the following advisories and apply the necessary updates:
| HashiCorp |
| 766 | Microsoft Windows Server Update Services (WSUS) Security Advisory. [Published Date: 2025-10-24]
[Id:2025.10.24.001]
details...
On 24th October 2025, Microsoft published an update to address a critical remote code execution vulnerability, CVE-2025-59287, impacting Windows Server Update Service (WSUS) in the following Windows Server versions (2012, 2016, 2019, 2022, and 2025). This vulnerability was previously mitigated only partially by a prior update.
- Windows Server 2012 R2 versions prior to build 6.3.9600.22826
- Windows Server 2012 versions prior to build 6.2.9200.25728
- Windows Server 2016 versions prior to build 10.0.14393.8524
- Windows Server 2025 versions prior to build 10.0.26100.6905
- Windows Server 2022, 23H2 Edition (Server Core installation) versions prior to build 10.0.25398.1916
- Windows Server 2022 versions prior to build 10.0.20348.4297
- Windows Server 2019 versions prior to build 10.0.17763.7922
Review the provided Microsoft Security Advisory, workaround, and apply the necessary updates. | Microsoft |
| 767 | SolarWinds Security Advisory. [Published Date: 2025-10-23]
[Id:2025.10.23.001]
details...
On 21st October 2025, SolarWinds published a security advisory to address vulnerabilities in the SolarWinds SolarWinds Observability Self-Hoste – version 2025.2.1 and prior.
Review the following SolarWinds Security Advisory and apply the necessary updates.
| Solarwinds |
| 768 | Atlassian Security Advisory. [Published Date: 2025-10-23]
[Id:2025.10.23.002]
details...
On 21st October 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Fisheye/Crucible - versions 4.9.0 to 4.9.2 and 4.8.14 to 4.8.16
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 769 | Oracle Security Advisory - October 2025. [Published Date: 2025-10-22]
[Id:2025.10.22.001]
details...
On 21st October 2025, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Enterprise Manager Base Platform, versions 13.5, 24.1
- GoldenGate Stream Analytics, versions 19.1.0.0.0-19.1.0.0.9
- Identity Manager, versions 12.2.1.4.0, 14.1.2.1.0
- JD Edwards EnterpriseOne Orchestrator, versions 9.2.0.0-9.2.9.4
- JD Edwards EnterpriseOne Tools, versions 9.2.0.0-9.2.9.4
- Management Cloud Engine, version 25.1.0.0.0
- Management Pack for Oracle GoldenGate, version 12.2.1.2.0
- MySQL Cluster, versions 8.0.0-8.0.43, 8.4.0-8.4.6, 9.0.0-9.4.0
- MySQL Enterprise Backup, versions 8.0.0-8.0.42, 8.4.0-8.4.5, 9.0.0-9.3.0
- MySQL Server, versions 8.0.0-8.0.43, 8.4.0-8.4.6, 9.0.0-9.4.0
- MySQL Shell, versions 8.0.40-8.0.43, 8.4.3-8.4.6, 9.1.0-9.4.0
- MySQL Workbench, versions 8.0.0-8.0.43
- Oracle Application Testing Suite, versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0
- Oracle Banking Branch, versions 14.5.0.0.0-14.8.0.0.0
- Oracle Banking Corporate Lending Process Management, versions 14.4.0.0.0-14.7.0.0.0
- Oracle Banking Origination, versions 14.5.0.0.0-14.7.0.0.0
- Oracle BI Publisher, versions 7.6.0.0.0, 8.2.0.0.0
- Oracle Business Intelligence Enterprise Edition, versions 7.6.0.0.0, 8.2.0.0.0, 12.2.1.4.0
- Oracle Coherence, versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0
- Oracle Commerce Guided Search, version 11.4.0
- Oracle Commerce Platform, version 11.4.0
- Oracle Communications Billing and Revenue Management, versions 12.0.0.4.0-15.0.1.0.0
- Oracle Communications Calendar Server, versions 8.0.0.7.0, 8.0.0.8.0
- Oracle Communications Cloud Native Core Automated Test Suite, versions 24.2.6, 25.1.202
- Oracle Communications Cloud Native Core Binding Support Function, versions 24.2.7-25.1.200
- Oracle Communications Cloud Native Core Certificate Management, version 25.1.200
- Oracle Communications Cloud Native Core Console, versions 24.2.5, 25.1.200
- Oracle Communications Cloud Native Core DBTier, version 25.1.200
- Oracle Communications Cloud Native Core Network Function Cloud Native Environment, versions 25.1.100, 25.1.200
- Oracle Communications Cloud Native Core Network Repository Function, versions 24.2.5, 25.1.202
- Oracle Communications Cloud Native Core Network Slice Selection Function, versions 25.1.100-25.1.200
- Oracle Communications Cloud Native Core Policy, versions 24.2.7-25.1.200
- Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 24.2.5, 25.1.200, 25.1.201
- Oracle Communications Cloud Native Core Service Communication Proxy, versions 25.1.200, 25.2.100
- Oracle Communications Cloud Native Core Unified Data Repository, versions 25.1.100, 25.1.200
- Oracle Communications Contacts Server, version 8.0.0.9.0
- Oracle Communications Converged Charging System, versions 2.0.0.0.0-2.0.0.1.0
- Oracle Communications Convergence, versions 3.0.3.3.0, 3.0.3.4.0
- Oracle Communications Convergent Charging Controller, versions 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0-15.0.1.0.0, 15.1.0.0.0
- Oracle Communications Diameter Signaling Router, versions 9.0.0.0.0, 9.1.0.0.0
- Oracle Communications EAGLE Element Management System, versions 46.6, 47.0
- Oracle Communications EAGLE LNP Application Processor, versions 10.2.1.0, 11.0.0.1-11.0.0.2
- Oracle Communications LSMS, versions 13.5.1.0, 14.0.0.1, 14.0.0.2
- Oracle Communications Messaging Server, version 8.1.0.28
- Oracle Communications Network Analytics Data Director, versions 24.2.0-24.2.1, 24.3.0, 25.1.100, 25.1.200
- Oracle Communications Network Charging and Control, versions 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0-15.0.1.0.0, 15.1.0.0.0
- Oracle Communications Network Integrity, versions 7.3.6, 7.4.0, 7.5.0
- Oracle Communications Offline Mediation Controller, versions 15.0.0.0.0-15.0.1.0.0, 15.1.0.0.0
- Oracle Communications Operations Monitor, versions 5.1, 5.2, 6.0
- Oracle Communications Order and Service Management, versions 7.4.0, 7.4.1, 7.5.0
- Oracle Communications Pricing Design Center, versions 12.0.0.4.0-12.0.0.8.0, 15.0.0.0.0-15.0.1.0.0
- Oracle Communications Service Catalog and Design, versions 8.0.0.5.0, 8.1.0.4.0, 8.2.0.1.0
- Oracle Communications Session Border Controller, versions 4.1.0, 9.0.0, 9.2.0-9.3.0, 10.0.0
- Oracle Communications Unified Assurance, versions 6.1.0-6.1.1
- Oracle Communications Unified Inventory Management, versions 7.5.0-7.5.1, 7.6.0-7.8.0
- Oracle Database Server, versions 19.3-19.28, 21.3-21.19, 23.4-23.9
- Oracle Documaker, versions 12.7.2.4, 13.0.0.3, 13.0.1.1
- Oracle E-Business Suite, versions 12.2.3-12.2.14
- Oracle Enterprise Communications Broker, versions 4.1.0-4.2.0, 5.0.0
- Oracle Enterprise Data Quality, versions 12.2.1.4.0, 14.1.2.0.0
- Oracle Enterprise Manager for Fusion Middleware, versions 13.5, 24.1
- Oracle Enterprise Operations Monitor, versions 5.1, 5.2, 6.0
- Oracle Essbase, version 21.7.3.0.0
- Oracle Financial Services Analytical Applications Infrastructure, versions 8.0.7.9, 8.0.8.7, 8.1.2.5
- Oracle Financial Services Behavior Detection Platform, versions 8.0.8.1, 8.1.2.9, 8.1.2.10
- Oracle Financial Services Compliance Studio, version 8.1.2.8
- Oracle Financial Services Model Management and Governance, versions 8.1.2.7, 8.1.3.2
- Oracle Financial Services Revenue Management and Billing, versions 2.9.0.0.0-7.2.0.0.0
- Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition, version 8.0.8
- Oracle Fusion Middleware MapViewer, version 12.2.1.4.0
- Oracle Global Lifecycle Management NextGen OUI Framework, versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0
- Oracle GoldenGate, versions 19.1.0.0.0-19.28.0.0.250715, 21.3-21.19, 23.4-23.9
- Oracle GoldenGate Big Data and Application Adapters, versions 21.3-21.19, 23.4-23.9
- Oracle GoldenGate Stream Analytics, versions 19.1.0.0.0-19.1.0.0.12
- Oracle GoldenGate Studio, version 12.2.0.4.0
- Oracle GoldenGate Veridata, versions 12.2.1.4.0-12.2.1.4.250515, 23.1.0.0.0-23.4.0.0.0
- Oracle GraalVM Enterprise Edition, version 21.3.15
- Oracle GraalVM for JDK, versions 17.0.16, 21.0.8
- Oracle Graph Server and Client, versions 24.4.1, 24.4.3, 25.1.0, 25.3.0
- Oracle Health Sciences Data Management Workbench, versions 3.4.0.1.3, 3.4.1.0.10
- Oracle Healthcare Data Repository, version 8.2.0.5
- Oracle Healthcare Master Person Index, versions 5.0.0.0-5.0.9.2
- Oracle Hospitality Cruise Shipboard Property Management (SPMS), version 23.2.5
- Oracle Hyperion Calculation Manager, version 11.2.22.0.0
- Oracle Hyperion Data Relationship Management, version 11.2.22.0.0
- Oracle Hyperion Financial Management, version 11.2.22.0.0
- Oracle Hyperion Infrastructure Technology, version 11.2.22.0.0
- Oracle Hyperion Planning, version 11.2.22.0.0
- Oracle Insurance Policy Administration J2EE, versions 11.3.1-12.0.5
- Oracle Java SE, versions 8u461, 8u461-b50, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25
- Oracle JDeveloper, version 12.2.1.4.0
- Oracle Life Sciences InForm, version 7.0.1.0
- Oracle Middleware Common Libraries and Tools, versions 12.2.1.4.0, 14.1.2.0.0
- Oracle Outside In Technology, versions 8.5.7, 8.5.8
- Oracle REST Data Services, version 25.2.1
- Oracle Retail Advanced Inventory Planning, versions 15.0.3, 16.0.3
- Oracle Retail Financial Integration, versions 14.1.3.2, 15.0.3.1, 16.0.3, 19.0.1
- Oracle Retail Integration Bus, versions 14.1.3.2, 15.0.3.1, 16.0.3, 19.0.1
- Oracle Retail Invoice Matching, versions 15.0.3.1, 16.0.3
- Oracle Retail Merchandising System, versions 16.0.3, 19.0.1
- Oracle Retail Price Management, versions 15.0.3.1, 16.0.3, 19.0.1
- Oracle Retail Sales Audit, versions 15.0.3.1, 16.0.3, 19.0.1
- Oracle Retail Service Backbone, versions 14.1.3.2, 15.0.3.1, 16.0.3, 19.0.1
- Oracle Retail Xstore Office, versions 20.0.5, 21.0.4, 22.0.2, 23.0.2, 24.0.1, 25.0.0
- Oracle Retail Xstore Point of Service, versions 20.0.5, 21.0.4, 22.0.2, 23.0.2, 24.0.1, 25.0.0
- Oracle Secure Backup, version 19.1.0.1.0
- Oracle Security Service, version 12.2.1.4.0
- Oracle SOA Suite, version 14.1.2.0.0
- Oracle Solaris, version 11
- Oracle Solaris Cluster, version 4
- Oracle Spatial Studio, versions 24.2.0, 25.1.2
- Oracle TimesTen In-Memory Database, versions 18.1.4.1.0-18.1.4.53.0, 22.1.1.1.0-22.1.1.35.0
- Oracle Transportation Management, version 6.5.3
- Oracle Utilities Application Framework, versions 4.3.0.5.0, 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0, 4.4.0.4.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 4.5.0.2.0, 24.2.0.0.0, 24.3.0.0.0, 25.4, 25.10
- Oracle Utilities Network Management System, versions 2.4.0.1.31, 2.5.0.1.15, 2.5.0.2.9, 2.6.0.1.8, 2.6.0.2.3
- Oracle VM VirtualBox, versions 7.1.12, 7.2.2
- Oracle WebCenter Forms Recognition, version 14.1.1.0.0
- Oracle WebCenter Portal, version 12.2.1.4.0
- Oracle WebCenter Sites, version 14.1.2.0.0
- Oracle WebLogic Server, versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0
- Oracle ZFS Storage Appliance Kit, version 8.8
- PeopleSoft Enterprise CS Financial Aid, version 9.2
- PeopleSoft Enterprise FIN IT Asset Management, version 9.2
- PeopleSoft Enterprise FIN Maintenance Management, version 9.2
- PeopleSoft Enterprise FIN Payables, version 9.2
- PeopleSoft Enterprise PeopleTools, versions 8.60, 8.61, 8.62
- Primavera Gateway, versions 20.12.0-20.12.17, 21.12.0-21.12.15
- Primavera P6 Enterprise Project Portfolio Management, versions 20.12.0.0-20.12.21.0, 21.12.0.0-21.12.21.2, 22.12.0.0-22.12.20.0, 23.12.0.0-23.12.14.0, 24.12.0.0-24.12.4.0
- Primavera Unifier, versions 20.12.0-20.12.16, 21.12.0-21.12.17, 22.12.0-22.12.15, 23.12.0-23.12.15, 24.12.0-24.12.9
- Retail Predictive Application Server, versions 15.0.3, 16.0.3
- Siebel Applications, versions prior to 25.10
Review Oracle Critical Patch Update Advisory – October 2025 and apply the necessary updates. | Oracle |
| 770 | GitLab Security Advisory. [Published Date: 2025-10-22]
[Id:2025.10.22.002]
details...
On 22nd October 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.5.1, 18.4.3 and 18.3.5
- GitLab Enterprise Edition (EE) - versions prior to 18.5.1, 18.4.3 and 18.3.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 771 | Google Chrome Security Advisory. [Published Date: 2025-10-22]
[Id:2025.10.22.003]
details...
On 21st October 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 141.0.7390.122/.123 (Windows/Mac) and 141.0.7390.122 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 772 | Drupal Security Advisory. [Published Date: 2025-10-22]
[Id:2025.10.22.004]
details...
On 22nd October 2025, Drupal published security advisories to address vulnerabilities in CivicTheme Design System - version prior to 1.12.0.
Review the following Drupal Security Advisory and apply the necessary updates.
| Drupal |
| 773 | ISC BIND Security Advisory. [Published Date: 2025-10-22]
[Id:2025.10.22.005]
details...
On 22nd October 2025, ISC published security advisories to address vulnerabilities in the following products:
- ISC BIND 9 - versions 9.11.3-S1 to 9.16.50-S1
- ISC BIND 9 - versions 9.18.11-S1 to 9.18.39-S1
- ISC BIND 9 - versions 9.20.9-S1 to 9.20.13-S1
- ISC BIND 9 - versions 9.11.0 to 9.16.50
- ISC BIND 9 - versions 9.18.0 to 9.18.39
- ISC BIND 9 - versions 9.20.0 to 9.20.13
- ISC BIND 9 - versions 9.21.0 to 9.21.12
Review the following advisories and apply the necessary updates:
| ISC |
| 774 | IBM Security Advisory. [Published Date: 2025-10-20]
[Id:2025.10.20.001]
details...
Between 13th October and 19th October 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 775 | Dell Security Advisory. [Published Date: 2025-10-20]
[Id:2025.10.20.002]
details...
Between 13th and 19th October 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell AMD-based PowerEdge Server - multiple versions and models
- Dell AX System for Azure - versions prior to 2509
- Dell Connectrix MDS - versions prior to 9.4 (3a)
- Dell Integrated System for Microsoft Azure Stack Hub 16G and 14G - versions prior to 2508
- Dell Networking OS10 - versions prior to 10.6.0.6
- Dell PowerEdge T40 - versions prior to 1.21.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 776 | Ubuntu Security Advisory. [Published Date: 2025-10-20]
[Id:2025.10.20.003]
details...
Between 13th and 19th October 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 777 | Red Hat Security Advisory. [Published Date: 2025-10-20]
[Id:2025.10.20.004]
details...
Between 13th and 19th October 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 778 | Zimbra Security Advisory. [Published Date: 2025-10-17]
[Id:2025.10.17.001]
details...
On 16th October 2025, Zimbra published a security advisory to address vulnerabilities in Zimbra Daffodil - versions prior to v10.1.12.
Review the Zimbra Daffodil (v10.1.12) Patch Release and apply the necessary updates. | Zimbra |
| 779 | WatchGuard Security Advisory. [Published Date: 2025-10-17]
[Id:2025.10.17.002]
details...
On 16th October 2025, WatchGuard published a security advisory to address vulnerabilities in Fireware OS - version 11.10.2 to 11.12.4_Update1, version 12.0 to 12.11.3, and version 2025.1.
Review the following WatchGuard Security Advisory and apply the necessary updates:
| WatchGuard |
| 780 | HPE Security Advisory. [Published Date: 2025-10-16]
[Id:2025.10.16.001]
details...
Between 13th and 15th October 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE ProLiant RL300 Gen11 - versions prior to v1.78
- HPE ProLiant AMD Servers - multiple versions and platforms
- HPE Aruba Networking - multiple versions and platforms
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 781 | Adobe Security Advisory. [Published Date: 2025-10-15]
[Id:2025.10.15.001]
details...
On 14th October 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Animate 2023 - version 23.0.13 and prior
- Adobe Animate 2024 - version 24.0.10 and prior
- Adobe Bridge - version 14.1.8 (LTS) and prior
- Adobe Bridge - version 15.1.1 and prior
- Adobe Commerce B2B - multiple versions
- Adobe Commerce - multiple versions
- Adobe Connect - version 12.9 and prior
- Adobe Dimension - version 4.1.4 and prior
- Adobe Experience Manager (AEM) Screens - version AEM 6.5.22 Screens FP11.6
- Adobe FrameMaker - version 2020 Release Update 9 and prior
- Adobe FrameMaker - version 2022 Release Update 7 and prior
- Adobe Substance 3D Modeler - version 1.22.3 and prior
- Adobe Substance 3D Stager - version 3.1.4 and prior
- Adobe Substance 3D Viewer - version 0.25.2 and prior
- Creative Cloud Desktop Application - version 6.7.0.278 and prior
- Illustrator 2024 - version 28.7.9 and prior
- Illustrator 2025 - version 29.7 and prior
- Magento Open Source - multiple versions
Review the Adobe Security Advisories and apply the necessary updates.
| Adobe |
| 782 | Fortinet Security Advisory. [Published Date: 2025-10-15]
[Id:2025.10.15.002]
details...
On 14th October 2025, Fortinet published security advisories to address vulnerabilities in multiple products.
Review the Fortinet Security Advisories and apply the necessary updates.
| Fortinet |
| 783 | F5 Security Advisory. [Published Date: 2025-10-15]
[Id:2025.10.15.003]
details...
On 15th October 2025, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- BIG-IP (all modules) - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP AFM - version 17.5.0, versions 17.1.0 to 17.1.2, versions 15.1.0 to 15.1.10
- BIG-IP APM - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP APM, APM with SWG, SSL Orchestrator, SSL Orchestrator with SWG - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP ASM - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5
- BIG-IP Advanced WAF/ASM - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP Next CNF - versions 2.0.0 to 2.1.0, versions 1.1.0 to 1.4.1
- BIG-IP Next SPK - versions 2.0.0 to 2.1.0, versions 1.7.0 to 1.9.2
- BIG-IP Next for Kubernetes - versions 2.0.0 to 2.1.0
- BIG-IP PEM - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6, versions 15.1.0 to 15.1.10
- BIG-IP SSL Orchestrator - version 17.5.0, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, versions 15.1.0 to 15.1.10
- F5OS-A - versions 1.8.0 to 1.8.1, versions 1.5.1 to 1.5.3
- F5OS-C - version 1.8.0 to 1.8.1, versions 1.6.0 to 1.6.2
- NGINX App Protect WAF - versions 4.5.0 to 4.6.0
Review the following advisories and apply the necessary updates:
| F5 |
| 784 | Cisco Security Advisory. [Published Date: 2025-10-15]
[Id:2025.10.15.004]
details...
On 15th October 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco TelePresence CE on-premises - versions 9, 10 and versions prior to 11.32.2.1
- Cisco RoomOS Release on-premises - versions 9, 10 and versions prior to 11.32.2.1
- Cisco RoomOS Release cloud-aware - versions prior to July 2025
- Cisco Open Source Snort 3 - versions prior to 3.9.3.0
- Cisco Desk Phone 9800 Series - versions prior to 3.3(1)
- Cisco IP Phone 7800 and 8800 Series - versions prior to 14.4(1)
- Cisco IP Phone 8821 - versions prior to 11.0(6)SR7
- Cisco Video Phone 8875 - versions prior to 3.3(1)
Review the following advisories and apply the necessary updates:
| Cisco |
| 785 | Google Chrome Security Advisory. [Published Date: 2025-10-15]
[Id:2025.10.15.005]
details...
On 14th October 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 141.0.7390.107/.108 (Windows/Mac) and 141.0.7390.107 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 786 | IBM Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.001]
details...
Between 6th October and 12th October 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 787 | Dell Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.002]
details...
Between 6th October and 12th October 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- SupportAssist for Home PCs - version prior to 4.8.2.29006
- SupportAssist for Business PCs - version prior to 4.5.3.25254
Review the following advisories and apply the necessary updates:
| Dell |
| 788 | Ubuntu Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.003]
details...
Between 6th October and 12th October 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 789 | Red Hat Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.004]
details...
Between 6th and 12th October 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 790 | Ivanti Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.005]
details...
Between 13th and 14th October 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Endpoint Manager - version 2024 SU3 SR1 and prior
- Ivanti Endpoint Manager - version 2022 SU8 SR2 and prior
- Ivanti Endpoint Manager Mobile - versions 12.6.0.1, 12.5.0.2, and 12.4.0.3
- Ivanti Neurons for MDM - version R118 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 791 | SAP security advisory - October 2025 monthly rollup. [Published Date: 2025-10-14]
[Id:2025.10.14.006]
details...
On 14th October 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver AS Java - version SERVERCORE 7.50
- SAP Print Service - versions SAPSPRINT 8.00 and 8.10
- SAP Supplier Relationship Management - versions SRMNXP01 100 and 150
- SAP Commerce Cloud - versions HY_COM 2205, COM_CLOUD 2211 and 2211-JDK21
- SAP Data Hub Integration Suite - versions CX_DATAHUB_INT_PACK 2205
- SAP Application Server for ABAP - versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 and 816
- SAP NetWeaver Application Server for ABAP - versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 and 9.16
- SAP Commerce Cloud - version COM_CLOUD 2211
- SAP NetWeaver AS ABAP and ABAP Platform - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 and 9.16
- SAP S/4HANA - versions S4CORE 104, 105, 106, 107, 108 and 109
- SAP Financial Service Claims Management - versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 and 109
- SAP BusinessObjects - versions ENTERPRISE 430, 2025 and 2027
- SAP Cloud Appliance Library Appliances - version TITANIUM_WEBAPP 4.0
Review the SAP Security Patch Day - October 2025 and apply the necessary updates. | SAP |
| 792 | HPE Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.007]
details...
On 13th October 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Compute Scale-up Server 3200 - versions prior to v1.65.60
- HPE Superdome Flex 280 Server - versions prior to v2.05.12
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 793 | Qualcomm Security Advisory - October 2025 monthly rollup. [Published Date: 2025-10-14]
[Id:2025.10.14.008]
details...
On 6th October 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 794 | VMware Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.009]
details...
On 10th October 2025, VMware released a security advisory to address multiple vulnerabilities in VMware Tanzu for MySQL on Kubernetes - versions prior to 2.0.0.
Review the following advisories and apply the necessary updates:
| Vmware |
| 795 | Microsoft Security Advisory - October 2025 monthly rollup. [Published Date: 2025-10-14]
[Id:2025.10.14.010]
details...
On 14th October 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Agere Windows Modem Driver
- Microsoft PowerShell
- Windows Failover Cluster
- Azure Connected Machine Agent
- Microsoft Brokering File System
- Virtual Secure Mode
- Microsoft Graphics Component
- Windows Kernel
- Windows Device Association Broker service
- Windows Digital Media
- Windows Hello
- Windows Virtualization-Based Security (VBS) Enclave
- Xbox
- Microsoft Exchange Server
- Visual Studio
- .NET
- .NET, .NET Framework, Visual Studio
- ASP.NET Core
- Microsoft Configuration Manager
- Azure Monitor
- Windows Storage Management Provider
- Connected Devices Platform Service (Cdpsvc)
- Windows Hyper-V
- Windows BitLocker
- Windows PrintWorkflowUserSvc
- Windows NTFS
- Windows Cloud Files Mini Filter Driver
- Windows NDIS
- Windows Remote Desktop Protocol
- Windows USB Video Driver
- Windows DirectX
- Windows DWM
- Windows Resilient File System (ReFS)
- Windows Error Reporting
- Windows WLAN Auto Config Service
- NtQueryInformation Token function (ntifs.h)
- Azure Local
- Windows Routing and Remote Access Service (RRAS)
- Microsoft Windows
- Windows Ancillary Function Driver for WinSock
- Microsoft Windows Speech
- Remote Desktop Client
- Windows Cryptographic Services
- Windows COM
- Windows SMB Server
- Windows Connected Devices Platform Service
- Windows Bluetooth Service
- Windows Local Session Manager (LSM)
- Inbox COM Objects
- Windows Remote Desktop
- Windows File Explorer
- Windows High Availability Services
- Windows Core Shell
- Microsoft Windows Search Component
- Storport.sys Driver
- Windows Management Services
- Windows SSDP Service
- Windows ETL Channel
- Software Protection Platform (SPP)
- Data Sharing Service Client
- Network Connection Status Indicator (NCSI)
- Windows Remote Desktop Services
- Windows StateRepository API
- Windows Resilient File System (ReFS) Deduplication Service
- Windows MapUrlToZone
- Windows Push Notification Core
- Azure Entra ID
- Microsoft Office Word
- Microsoft Office Excel
- Microsoft Office Visio
- Microsoft Office
- Microsoft Office SharePoint
- Windows Remote Access Connection Manager
- Microsoft Office PowerPoint
- Windows Health and Optimized Experiences Service
- Azure PlayFab
- JDBC Driver for SQL Server
- Copilot
- Windows DWM Core Library
- Active Directory Federation Services
- Microsoft Failover Cluster Virtual Driver
- Redis Enterprise
- Windows Authentication Methods
- Windows SMB Client
- XBox Gaming Services
- Windows NTLM
- Azure Monitor Agent
- Windows Server Update Service
- GitHub
- Confidential Azure Container Instances
- Windows Taskbar Live
- Internet Explorer
- Microsoft Defender for Linux
- Windows Remote Procedure Call
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 796 | Mozilla Security Advisory. [Published Date: 2025-10-14]
[Id:2025.10.14.011]
details...
On 14th October 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox versions prior to 144
- Firefox ESR versions prior to 115.29
- Firefox ESR versions prior to 140.4
- Thunderbird versions prior to 144
- Thunderbird versions prior to 140.4
- Thunderbird ESR versions prior to 140.4
Review the following advisories and apply the necessary updates:
| Mozilla |
| 797 | Google Chrome Security Advisory. [Published Date: 2025-10-10]
[Id:2025.10.10.001]
details...
On 9th October 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 141.0.7390.76/.77 (Windows/Mac) and 1 41.0.7390.76 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 798 | Microsoft Edge Security Advisory. [Published Date: 2025-10-10]
[Id:2025.10.10.002]
details...
| Microsoft |
| 799 | Microsoft Edge Security Advisory. [Published Date: 2025-10-10]
[Id:2025.10.10.003]
details...
| Microsoft |
| 800 | Juniper Networks Security Advisory. [Published Date: 2025-10-09]
[Id:2025.10.09.001]
details...
On 8th October 2025, Juniper Networks published security advisories to address vulnerabilities in multiple products.
Review the Juniper Networks Security Advisories and apply the necessary updates.
| juniper |
| 801 | Google Chrome Security Advisory. [Published Date: 2025-10-08]
[Id:2025.10.08.001]
details...
On 7th October 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 141.0.7390.65/.66 (Windows/Mac) and 141.0.7390.65 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 802 | GitLab Security Advisory. [Published Date: 2025-10-08]
[Id:2025.10.08.002]
details...
On 8th October 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.4.2, 18.3.4 and 18.2.8
- GitLab Enterprise Edition (EE) - versions prior to 18.4.2, 18.3.4 and 18.2.8
Review the following advisories and apply the necessary updates:
| Gitlab |
| 803 | Oracle Security Advisory. [Published Date: 2025-10-06]
[Id:2025.10.06.001]
details...
On 4th October 2025, Oracle published a security advisory to address vulnerabilities in Oracle E-Business Suite - versions 12.2.3 to 12.2.14.
Review the following Oracle Security Advisory and apply the necessary updates:
| Oracle |
| 804 | IBM Security Advisory. [Published Date: 2025-10-06]
[Id:2025.10.06.002]
details...
Between 29th September and 5th October 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 805 | Ubuntu Security Advisory. [Published Date: 2025-10-06]
[Id:2025.10.06.003]
details...
Between 29th September and 5th October 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 806 | Red Hat Security Advisory. [Published Date: 2025-10-06]
[Id:2025.10.06.004]
details...
Between 29th September and 5th October 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 807 | Redis Security Advisory. [Published Date: 2025-10-06]
[Id:2025.10.06.005]
details...
On 3rd October 2025, Redis published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Redis Software - multiple versions
- Redis OSS/CE/Stack releases with Lua scripting - multiple versions
Review the following Redis Security Advisory and apply the necessary updates:
| Redis |
| 808 | Android security advisory - October 2025 Monthly Rollup.Android security advisory - October 2025 Monthly Rollup. [Published Date: 2025-10-06]
[Id:2025.10.06.006]
details...
On 6th October 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 809 | Trend Micro (Mac) Security Advisory. [Published Date: 2025-10-03]
[Id:2025.10.03.001]
details...
On 25th September 2025, Trend Micro published security advisories to address vulnerabilities in Trend Micro Antivirus for Mac - version 11.8.1283.
Review the Trend Micro security bulletins and apply the necessary updates. | Trendmicro |
| 810 | OpenSSL Security Advisory. [Published Date: 2025-10-03]
[Id:2025.10.03.002]
details...
On 30th September 2025, OpenSSL published a security bulletin to address vulnerabilities in the FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0.
Review the OpenSSL Security News and apply the necessary updates.
| OpenSSL |
| 811 | Microsoft Edge Security Advisory. [Published Date: 2025-10-03]
[Id:2025.10.03.003]
details...
| Microsoft |
| 812 | TeamViewer Security Advisory. [Published Date: 2025-10-02]
[Id:2025.10.02.001]
details...
On 30th September 2025, TeamViewer published security updates to address vulnerabilities in the following products:
- TeamViewer Remote Full Client (Windows) - versions prior to 15.70
- TeamViewer Remote Host (Windows) - versions prior to 15.70
Review the following TeamViewer Security Advisory and apply the necessary updates:
| Teamviewer |
| 813 | Mozilla Security Advisory. [Published Date: 2025-10-02]
[Id:2025.10.02.002]
details...
Between 28th and 30th September 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox - versions prior to 143.0.3
- Firefox for iOS - versions prior to 143.1
Review the following advisories and apply the necessary updates:
| Mozilla |
| 814 | Splunk Security Advisory. [Published Date: 2025-10-02]
[Id:2025.10.02.003]
details...
On 1st October 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - multiple versions and platforms
- Splunk Cloud Platform - multiple versions and platforms
Review the [advisory.splunk.com]Splunk Security Advisories and apply the necessary updates. | Splunk |
| 815 | Google Chrome Security Advisory. [Published Date: 2025-10-02]
[Id:2025.10.02.004]
details...
On 30th September 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 141.0.7390.54/55 (Windows/Mac) and 141.0.7390.54/55 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 816 | Cisco Security Advisory. [Published Date: 2025-10-02]
[Id:2025.10.02.005]
details...
On 1st October 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Cyber Vision Center - versions 5.1 and 5.2 and prior
- Cisco Unified CM, Unified CM SME - versions 12.5, 14 and versions prior to 15SU3
Review the following advisories and apply the necessary updates:
| Cisco |
| 817 | Situational Awareness for Upcoming Durga Puja Holidays. [Published Date: 2025-09-30]
[Id:2025.09.30.001]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 818 | IBM Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.001]
details...
Between 22nd and 28th September 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 819 | Dell Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.002]
details...
Between 22nd and 28th September 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Cloud Disaster Recovery - versions prior to 19.20
- Dell Data Protection Central - version 19.8 to 19.12 with Data Protection Central OS Update prior to dpc-osupdate-1.1.24-1
- Dell Latitude 5350, 5450, 5550, 7350, 7450 and 7650 - versions prior to 3.2.0.22
- Dell Latitude 7030 Rugged Extreme Tablet - versions prior to 3.2.0.22
- Dell Latitude 7350 Detachable - versions prior to 3.2.0.22
- Dell Latitude 9450 2-in-1 - versions prior to 3.2.0.22
- Dell Mobile Precision 3591 - versions prior to 3.2.0.22
- Dell PowerEdge Server - multiple versions and platforms
- Dell Precision 3490 and 3590 - versions prior to 3.2.0.22
- Dell Pro Rugged 13 RA13250 and RB14250 - versions prior to 3.2.0.22
- Dell SmartFabric Manager - versions prior to 1.4.1
- Dell VMware ESXi - versions prior to 9.0.0.0100
- Dell VMware ESXi - versions prior to ESXi 8.0 Update 3f
- Dell iDRAC9 - multiple versions and platforms
- PowerProtect DP Series (Integrated Data Protection Appliance (IDPA) Appliance) - version 2.7.9 and prior
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 820 | Ubuntu Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.003]
details...
Between 22nd and 28th September 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 821 | Red Hat Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.004]
details...
Between 22nd and 28th September 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 822 | VMware Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.005]
details...
On 29th September 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Aria Operations - versions 8.x
- VMware Cloud Foundation - versions 4.x, 4.5.x, 5.x and 9.x.x.x
- VMware NSX - versions 4.2.x, 4.1.x and 4.0.x
- VMware NSX-T - version 3.x
- VMware Telco Cloud Infrastructure - versions 3.x and 2.x
- VMware Telco Cloud Platform - versions 5.x, 4.x, 3.x and 2.x
- VMware Tools - versions 13.x.x, 12.x.x and 11.x.x
- VMware vCenter - version 7.0 and 8.0
- VMware vSphere Foundation - versions 9.x.x.x and 13.x.x.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 823 | Apple Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.006]
details...
On 29th September 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 26.0.1
- iOS 18.7.1 and iPadOS 18.7.1 - versions prior to iOS 18.7.1
- macOS Tahoe - versions prior to 26.0.1
- macOS Sequoia - versions prior to 15.7.1
- macOS Sonoma - versions prior to 14.8.1
- visionOS - versions prior to 26.0.1
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 824 | Dell Security Advisory. [Published Date: 2025-09-29]
[Id:2025.09.29.007]
details...
Between 29th September and 5th October 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.05.00.00
- Dell PowerProtect DP Series Appliance (Integrated Data Protection Appliance) - versions 2.7.9 and prior
- Dell PowerProtect Data Domain - multiple versions
- Dell PowerScale OneFS - multiple versions
- Dell Repository Manager - version 3.4.7 and 3.4.8
- Dell XtremIO X2 - versions prior to 6.4.4
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 825 | GitLab Security Advisory. [Published Date: 2025-09-26]
[Id:2025.09.26.001]
details...
On 25th September 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.4.1, 18.3.3 and 18.2.7
- GitLab Enterprise Edition (EE) - versions prior to 18.4.1, 18.3.3 and 18.2.7
Review the following advisories and apply the necessary updates:
| Gitlab |
| 826 | Microsoft Edge Security Advisory. [Published Date: 2025-09-26]
[Id:2025.09.26.002]
details...
| Microsoft |
| 827 | Google Chrome Security Advisory. [Published Date: 2025-09-26]
[Id:2025.09.26.003]
details...
On 25th September 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 140.0.7339.213/.214 (Mac).
Review the Google security bulletins and apply the necessary updates. | Google |
| 828 | Foxit Security Advisory. [Published Date: 2025-09-26]
[Id:2025.09.26.004]
details...
On 25th September 2025, Foxit published security advisories to address vulnerabilities in the following products:
- Foxit PDF Editor (Windows) - multiple versions
- Foxit PDF Editor for Mac - multiple versions
- Foxit PDF Reader (Windows) - version 2025.2.0.33046 and prior
- Foxit PDF Reader for Mac - version 2025.2.0.68868 and prior
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 829 | Cisco Security Advisory. [Published Date: 2025-09-25]
[Id:2025.09.25.001]
details...
On 25th September 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco ASA software release 9.12 - versions prior to 9.12.4.72
- Cisco ASA software release 9.14 - versions prior to 9.14.4.28
- Cisco ASA software release 9.16 - versions prior to 9.16.4.85
- Cisco ASA software release 9.17 - versions prior to 9.17.1.45
- Cisco ASA software release 9.18 - versions prior to 9.18.4.67
- Cisco ASA software release 9.19 - versions prior to 9.19.1.42
- Cisco ASA software release 9.20 - versions prior to 9.20.4.10
- Cisco ASA software release 9.22 - versions prior to 9.22.2.14
- Cisco ASA software release 9.23 - versions prior to 9.23.1.19
- Cisco FTD software release 7.0 - versions prior to 7.0.8.1
- Cisco FTD software release 7.1 - all versions
- Cisco FTD software release 7.2 - versions prior to 7.2.10.2
- Cisco FTD software release 7.3 - all versions
- Cisco FTD software release 7.4 - versions prior to 7.4.2.4
- Cisco FTD software release 7.6 - versions prior to 7.6.2.1
- Cisco FTD software release 7.7 - versions prior to 7.7.10.1
Review the following advisories and apply the necessary updates:
| Cisco |
| 830 | Google Chrome Security Advisory. [Published Date: 2025-09-24]
[Id:2025.09.24.001]
details...
On 23rd September 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 140.0.7339.207/.208 (Windows/Mac) and 1 40.0.7339.207 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 831 | Cisco Security Advisory. [Published Date: 2025-09-24]
[Id:2025.09.24.002]
details...
On 23rd September 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Access Point Software - multiple versions and platforms
- Cisco Catalyst 9500X and 9600X Series Switches - multiple versions
- Cisco IOS XE Software for Catalyst 9XXX Series Switches - multiple versions and platforms
- Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud - multiple versions and platforms
- Cisco IOS and IOS XE Software - multiple versions and platforms
- Cisco Industrial Ethernet (IE) Series Switches - multiple versions and platforms
- Cisco SD-WAN vEdge Routers - multiple versions and platforms
- Cisco SD-WAN vEdge Software Release - versions prior to 20.8, 20.9 and 20.10
- Cisco Wireless Access Point (AP) Software - multiple versions and platforms
- Cisco Wireless LAN Controller (WLC) IOS XE Software - multiple versions and platforms
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 832 | Drupal Security Advisory. [Published Date: 2025-09-24]
[Id:2025.09.24.003]
details...
On 24th September 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- JSON Field - versions prior to 1.5
- Plausible tracking - versions prior to 1.0.2
- Access code - versions prior to 2.0.5
- Umami Analytics - version prior to 1.0.1
- Currency - versions prior to 3.5.0
- Reverse Proxy Header - version prior to 1.1.2
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 833 | HPE Security Advisory. [Published Date: 2025-09-24]
[Id:2025.09.24.004]
details...
On 23rd September 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Compute Scale-up Server 3200 - versions prior to v1.60.88
- HPE Superdome Flex Server - versions prior to v4.10.18
- HPE Superdome Flex 280 Server - versions prior to v2.05.12
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 834 | SonicWall Security Advisory. [Published Date: 2025-09-23]
[Id:2025.09.23.001]
details...
On 22nd September 2025, SonicWall published a security advisory to address vulnerabilities in SMA 100 Series (SMA 210, 410, 500v) - version 10.2.1.15-81sv and prior.
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 835 | SolarWinds Security Advisory. [Published Date: 2025-09-23]
[Id:2025.09.23.002]
details...
On 17th September 2025, SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Web Help Desk - version 12.8.7 and prior..
Review the following SolarWinds Security Advisory and apply the necessary updates.
| Solarwinds |
| 836 | Citrix Security Advisory. [Published Date: 2025-09-23]
[Id:2025.09.23.003]
details...
On 9th September 2025, Citrix published a security Advisory to address a vulnerability in XenServer - version 8.4.
Review the following advisories and apply the necessary updates:
| Citrix |
| 837 | Ubuntu Security Advisory. [Published Date: 2025-09-22]
[Id:2025.09.22.001]
details...
Between 15th and 21st September 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 838 | Dell Security Advisory. [Published Date: 2025-09-22]
[Id:2025.09.22.002]
details...
Between 15th and 21st September 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerProtect Cyber Recovery - versions prior to 19.20.0.1, 15.4.0-9 and 1.5.0-63
- Dell CyberSense - versions prior to 8.13
Review the following advisories and apply the necessary updates:
| Dell |
| 839 | IBM Security Advisory. [Published Date: 2025-09-22]
[Id:2025.09.22.003]
details...
Between 15th and 21st September 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 840 | Red Hat Security Advisory. [Published Date: 2025-09-22]
[Id:2025.09.22.004]
details...
Between 15th and 21st September 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 841 | Microsoft Edge Security Advisory. [Published Date: 2025-09-22]
[Id:2025.09.22.005]
details...
| Microsoft |
| 842 | Google Chrome Security Advisory. [Published Date: 2025-09-18]
[Id:2025.09.18.001]
details...
On 17th September 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 140.0.7339.185/186 (Windows/Mac) and 140.0.7339.185 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 843 | Nokia Security Advisory. [Published Date: 2025-09-18]
[Id:2025.09.18.002]
details...
On 18th September 2025, Nokia published a security advisory to address vulnerabilities in the following products:
- CloudBand Infrastructure Software (CBIS) - version CBIS 22
- Nokia Container Service (NCS) - versions NCS 22.12 and NCS 23.10
Review the following advisories and apply the necessary updates:
| Nokia |
| 844 | SonicWall Security Advisory. [Published Date: 2025-09-18]
[Id:2025.09.18.003]
details...
On 17th September 2025, SonicWall published a security incident report describing suspicious activity targeting their cloud backup service for firewalls. Customer firewall preference files stored in the cloud were accessed by threat actors. These files contain information that could make the exploitation of customer firewalls significantly easier.
Affected products:
- SonicWall Firewalls with preference files backed up in MySonicWall.com
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 845 | Atlassian Security Advisory. [Published Date: 2025-09-17]
[Id:2025.09.17.001]
details...
On 16th September 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Confluence Data Center and server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates:
| Atlassian |
| 846 | HPE Security Advisory. [Published Date: 2025-09-17]
[Id:2025.09.17.002]
details...
On 16th September 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Aruba Networking EdgeConnect SD-WAN Release Stream - versions 9.5.x.x to 9.5.3.x
- HPE Aruba Networking EdgeConnect SD-WAN Release Stream - versions 9.4.x.x to 9.4.3.x
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 847 | Jenkins Security Advisory. [Published Date: 2025-09-17]
[Id:2025.09.17.003]
details...
On 17th September 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
- Jenkins weekly - version 2.528 and prior
- Jenkins LTS - version 2.516.3 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 848 | Microsoft Edge Security Advisory. [Published Date: 2025-09-17]
[Id:2025.09.17.004]
details...
| Microsoft |
| 849 | Mozilla Security Advisory. [Published Date: 2025-09-16]
[Id:2025.09.16.001]
details...
On 19th August 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Focus for iOS - versions prior to 143.0
- Firefox - versions prior to 143
- Firefox ESR - versions prior to 115.28
- Firefox ESR - versions prior to 140.3
- Thunderbird - versions prior to 143
- Thunderbird - versions prior to 140.3
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 850 | HPE Security Advisory. [Published Date: 2025-09-16]
[Id:2025.09.16.002]
details...
On 16th September 2025, HPE published a security advisory to address vulnerabilities in HPE Telco Service Activator - 9.1 versions prior to 9.1.32.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 851 | IBM Security Advisory. [Published Date: 2025-09-15]
[Id:2025.09.15.001]
details...
Between 8th and 14th September 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 852 | Dell Security Advisory. [Published Date: 2025-09-15]
[Id:2025.09.15.002]
details...
Between 8th and 14th September 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Latitude 12 Rugged Extreme 7214 - versions prior to 1.52.0
- Dell Latitude 5420 Rugged - versions prior to 1.40.0
- Dell Latitude 5424 Rugged - versions prior to 1.40.0
- Dell Latitude 7212 Rugged Extreme Tablet - versions prior to 1.58.0
- Dell Latitude 7424 Rugged Extreme - versions prior to 1.40.0
- Dell PowerProtect Data Manager - versions prior to 19.21
- Dell PowerProtect Data Protection Hardware - versions prior to 2.7.9
Review the following advisories and apply the necessary updates:
| Dell |
| 853 | Red Hat Security Advisory. [Published Date: 2025-09-15]
[Id:2025.09.15.003]
details...
Between 8th and 14th September 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 854 | Apple Security Advisory. [Published Date: 2025-09-15]
[Id:2025.09.15.004]
details...
On 15th September 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 26
- iOS and iPadOS - versions prior to 18.7
- iOS and iPadOS - versions prior to 16.7.12
- iOS and iPadOS - versions prior to 15.8.5
- macOS Tahoe - versions prior to 26
- macOS Sequoia - versions prior to 15.7
- macOS Sonoma - versions prior to 14.8
- tvOS 26 - versions prior to 26
- watchOS - versions prior to 26
- visionOS - versions prior to 26
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 855 | Microsoft Edge Security Advisory. [Published Date: 2025-09-12]
[Id:2025.09.12.001]
details...
| Microsoft |
| 856 | Cisco Security Advisory. [Published Date: 2025-09-11]
[Id:2025.09.11.001]
details...
On 10th September 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco IOS XR Software - version 7.10 and prior
- Cisco IOS XR Software - version 7.11, 24.2, 24.3, 24.4 and 25.1
- Cisco IOS XR ARP - version 7.11 and prior
- Cisco IOS XR ARP - version 24.1, 24.2, 24.3, 24.4, 25.1 and 25.2
- Cisco 8000 Series Routers - all versions
- Cisco ASR 9000 Series Aggregation Services Routers - version 24.1.1 and prior
- Cisco IOS XR White box (IOSXRWBD) - version 7.9.1 and prior
- Cisco OS XRd vRouters - all version
- Cisco IOS XRv 9000 Routers - version 24.1.1 and prior
- Cisco Network Convergence Series (NCS) 540 Series Routers (NCS540-iosxr base image) - version 7.9.1 and prior
- Cisco NCS 540 Series Routers (NCS540L-iosxr base image) - all versions
- Cisco NCS 560 Series Routers - version 24.2.1 and prior
- Cisco NCS 1010 Platforms - all versions
- Cisco NCS 1014 Platforms - all versions
- Cisco NCS 5500 Series Routers - version 7.9.1 and prior
- Cisco NCS 5700 Series Routers - version NCS5700 and prior
Review the following advisories and apply the necessary updates:
| Cisco |
| 857 | GitLab Security Advisory. [Published Date: 2025-09-11]
[Id:2025.09.11.002]
details...
On 10th September 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.6
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.9
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.13
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.18
Review the following advisories and apply the necessary updates:
| Gitlab |
| 858 | Palo Alto Networks Security Advisory. [Published Date: 2025-09-11]
[Id:2025.09.11.003]
details...
On 10th September 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- Cortex XDR Microsoft 365 Defender Pack 4.6.0 windows - versions prior to 4.6.5
- User-ID Credential Agent 11.0.0 Windows - versions prior to 11.0.2-133
- User-ID Credential Agent 11.0.0 Windows - versions prior to 11.0.3
- Prisma Access Browser - version prior to 139.12.4.128
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 859 | GitLab Security Advisory. [Published Date: 2025-09-10]
[Id:2025.09.10.001]
details...
On 10th September 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.3.2, 18.2.6 and 18.1.6
- GitLab Enterprise Edition (EE) - versions prior to 18.3.2, 18.2.6 and 18.1.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 860 | SAP security advisory - September 2025 monthly rollup. [Published Date: 2025-09-09]
[Id:2025.09.09.001]
details...
On 9th September 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver (RMI-P4) - version SERVERCORE 7.50
- SAP NetWeaver AS Java (Deploy Web Service) - version J2EE-APPS 7.50
- SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 and 757
- SAP NetWeaver - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53 and 7.54
- SAP Business One (SLD) - versions B1_ON_HANA 10.0 and SAP-M-BO 10.0
- SAP Landscape Transformation Replication Server - versions DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731 and 2011_1_752, 2020
- SAP S/4HANA (Private Cloud or On-Premise) - versions S4CORE 102, 103, 104, 105, 106, 107 and 108
- SAP NetWeaver and ABAP Platform (Service Data Collection) - versions ST-PI 2008_1_700, 2008_1_710 et 740
- SAP Commerce Cloud and SAP Datahub - versions HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211 and DHUB_CLOUD 2211
- SAP Business Planning and Consolidation - versions BPC4HANA 200, 300, SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, 758, 816, 914 and CPMBPC 810
- SAP HCM (My Timesheet Fiori 2.0 application) - version GBX01HR5 605
- SAP HCM (Approve Timesheets Fiori 2.0 application) - version GBX01HR5 605
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 2025 and 2027
- SAP Supplier Relationship Management - versions SRM_SERVER 700, 701, 702, 713 and 714
- SAP NetWeaver ABAP Platform - versions S4CRM 100, 200, 204, 205, 206, S4CEXT 109, BBPCRM 713 and 714
- Fiori app (Manage Payment Blocks) - versions S4CORE 107 and 108
- SAP NetWeaver Application Server Java - version WD-RUNTIME 7.50
- SAP NetWeaver (Service Data Download) - multiple versions and platforms
- SAP NetWeaver Application Server for ABAP - multiple versions and platforms
- SAP NetWeaver AS Java (IIOP Service) - version SERVERCORE 7.50
- SAP Fiori App (F4044 Manage Work Center Groups) - versions UIS4HOP1 600, 700, 800 and 900
- SAP NetWeaver Application Server for ABAP (Background Processing) - multiple versions and platforms
- SAP Fiori (Launchpad) - version SAP_UI 754
- SAP NetWeaver AS Java (Adobe Document Service) - version ADSSAP 7.50
- SAP Commerce Cloud - versions HY_COM 2205 and COM_CLOUD 2211
Review the SAP Security Patch Day - September 2025 and apply the necessary updates. | SAP |
| 861 | HPE Security Advisory. [Published Date: 2025-09-09]
[Id:2025.09.09.002]
details...
On 8th September 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Intelligent Assurance FAS and PDO - versions prior to 4.2.8
- HPE Intelligent Assurance Telco INT-A FAS and PDO - versions prior to v4.2.7
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 862 | Fortinet Security Advisory. [Published Date: 2025-09-09]
[Id:2025.09.09.003]
details...
On 9th September 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiWeb 7.6 - versions 7.6.0 to 7.6.4
- FortiWeb 7.4 - versions 7.4.0 to 7.4.8
- FortiWeb 7.2 - versions 7.2.0 to 7.2.11
- FortiWeb 7.0 - versions 7.0.2 to 7.0.11
- FortiDDoS-F 7.0 - versions 7.0.0 to 7.0.2
- FortiDDoS-F 6.1, 6.2, 6.3, 6.4, 6.5, 6.6 - all versions
Review the following advisories and apply the necessary updates:
| Fortinet |
| 863 | Ivanti Security Advisory. [Published Date: 2025-09-09]
[Id:2025.09.09.004]
details...
On 9th September 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Endpoint Manager - version 2022 SU8 Security Update 1 and prior
- Ivanti Endpoint Manager - version 2024 SU3 and prior
- Ivanti Connect Secure - version 22.7R2.8 and prior
- Ivanti Policy Secure - version 22.7R1.4 and prior
- ZTA Gateways - version 22.8R2.2
- Neurons for Secure Access - version 22.8R1.3 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 864 | Microsoft Security Advisory - September 2025 monthly rollup. [Published Date: 2025-09-09]
[Id:2025.09.09.005]
details...
On 9th September 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Azure Bot Service
- Azure Connected Machine Agent
- Azure Networking
- Dynamics 365
- Microsoft 365
- Microsoft AutoUpdate for Mac
- Microsoft Entra ID
- Microsoft Excel 2016
- Microsoft HPC
- Microsoft Office
- Microsoft OfficePLUS
- Microsoft PowerPoint
- Microsoft SQL Server
- Microsoft SharePoint
- Microsoft Word 2016
- Office Online Server
- Windows 10
- Windows 11
- Windows Server 2008
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 865 | Adobe Security Advisory. [Published Date: 2025-09-09]
[Id:2025.09.09.006]
details...
On 9th September 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Acrobat DC Win - 25.001.20672 and earlier versions
- Acrobat DCMac - 25.001.20668 and earlier versions
- Acrobat Reader DC Win - 25.001.20672 and earlier versions
- Acrobat Reader DC Mac - 25.001.20668 and earlier versions
- Acrobat 2024 Win & Mac - 24.001.30254 and earlier versions
- Acrobat 2020 Win & Mac - 20.005.30774 and earlier versions
- Acrobat Reader 2020 Win & Mac - 20.005.30774 and earlier versions
- Adobe After Effects 24.6.7 and earlier versions
- Adobe After Effects 25.3 and earlier versions
- Adobe Premiere Pro 25.3 and earlier versions
- Adobe Premiere Pro 24.6.5 and earlier versions
- Adobe Commerce 2.4.9-alpha2 and earlier versions
- Adobe Commerce 2.4.8-p2 and earlier versions
- Adobe Commerce 2.4.7-p7 and earlier versions
- Adobe Commerce 2.4.6-p12 and earlier versions
- Adobe Commerce 2.4.5-p14 and earlier versions
- Adobe Commerce 2.4.4-p15 and earlier versions
- Adobe Commerce B2B 1.5.3-alpha2 and earlier versions
- Adobe Commerce B2B 1.5.2-p2 and earlier versions
- Adobe Commerce B2B 1.4.2-p7 and earlier versions
- Adobe Commerce B2B 1.3.4-p14 and earlier versions
- Adobe Commerce B2B 1.3.3-p15 and earlier versions
- Magento Open Source 2.4.9-alpha2 and earlier versions
- Magento Open Source 2.4.8-p2 and earlier versions
- Magento Open Source 2.4.7-p7 and earlier versions
- Magento Open Source 2.4.6-p12 and earlier versions
- Magento Open Source 2.4.5-p14 and earlier versions
- Adobe Substance 3D Viewer 0.25.1 and earlier versions
- AEM Cloud Service (CS) 6.5 LTS SP1 and earlier versions
- AEM Cloud Service (CS) 6.5.23 and earlier versions
- Adobe Dreamweaver 21.5 and earlier versions
- Adobe Substance 3D Modeler 1.22.2 and earlier versions
- ColdFusion 2025 Update 3 and earlier versions
- ColdFusion 2023 Update 15 and earlier versions
- ColdFusion 2021 Update 21 and earlier versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 866 | IBM Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.001]
details...
Between 1st and 7th September 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 867 | Dell Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.002]
details...
Between 1st and 7th September 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Enterprise SONiC Distribution - versions prior to 4.4.3
- Dell Inspiron 14 5441 and 14 7441 - versions prior to 31.0.114.0
- Dell Latitude 5455 and 7455 - versions prior to 31.0.114.0
- Dell PowerEdge Server - multiple versions and models
- Dell PowerStore T - multiple versions and models
- Dell ThinOS - multiple versions and models
- Dell XPS 13 9345 - versions prior to 31.0.114.0
Review the following advisories and apply the necessary updates:
| Dell |
| 868 | Ubuntu Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.003]
details...
Between 1st and 7th September 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the following advisories and apply the necessary updates:
| Ubuntu |
| 869 | Red Hat Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.004]
details...
Between 1st and 7th September 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 870 | Microsoft Edge Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.005]
details...
| Microsoft |
| 871 | VMware Security Advisory. [Published Date: 2025-09-08]
[Id:2025.09.08.006]
details...
Between 3rd and 4th September 2025, VMware published security advisories to address vulnerabilities in multiple products.
Review the VMware Security Advisories and apply the necessary updates. | Vmware |
| 872 | Drupal Security Advisory. [Published Date: 2025-09-04]
[Id:2025.09.04.001]
details...
On 3rd September 2025, Drupal published security advisories to address vulnerabilities in Acquia DAM - versions prior to 1.1.5.
Review the following advisories and apply the necessary updates:
| Drupal |
| 873 | VMware Security Advisory. [Published Date: 2025-09-04]
[Id:2025.09.04.002]
details...
Between 2nd and 3rd September 2025, VMware published security advisories to address vulnerabilities in the following products:
- Tanzu Greenplum - version prior to 7.5.4
- Tanzu Platform for Cloud Foundry - version prior to 10.0.9
- Tanzu Platform for Cloud Foundry - version prior to 10.2.2+LTS-T
- Tanzu Platform for Cloud Foundry - version prior to 6.0.19+LTS-T
- VMware Tanzu GemFire Management Console - version prior to 4.0
Review the following advisories and apply the necessary updates:
| Vmware |
| 874 | Atlassian Security Advisory. [Published Date: 2025-09-04]
[Id:2025.09.04.003]
details...
On 19th August 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
Review the Atlassian Security Bulletin - 19th August 2025 and Security Advisory and apply the necessary update. | Atlassian |
| 875 | HPE Security Advisory. [Published Date: 2025-09-04]
[Id:2025.09.04.004]
details...
On 3rd September 2025, HPE published a security advisory to address vulnerabilities in HPE M-Series Switches Using NVIDIA Cumulus - versions prior to 5.9.2 and 5.11.1.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 876 | Android security advisory - September 2025 Monthly Rollup. [Published Date: 2025-09-03]
[Id:2025.09.03.001]
details...
On 2nd September 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 877 | Google Chrome Security Advisory. [Published Date: 2025-09-03]
[Id:2025.09.03.002]
details...
On 2nd September 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 140.0.7339.80/81 (Windows/Mac) and 140.0.7339.80 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 878 | Cisco Security Advisory. [Published Date: 2025-09-03]
[Id:2025.09.03.003]
details...
On 2nd September 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Desk Phone 9800 Series
- Cisco EPNM
- Cisco IP Phone 7800 Series
- Cisco IP Phone 8800 Series
- Cisco Prime Infrastructure
- Cisco Unified CM IM&P
- Cisco Unified CM SME
- Cisco Unified CM
- Cisco Video Phone 8875
- Cisco Webex Meetings
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 879 | Ubuntu Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.001]
details...
Between 25th and 31st August 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 880 | Red Hat Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.002]
details...
Between 25th and 31st August 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 881 | Qualcomm Security Advisory – September 2025 monthly rollup. [Published Date: 2025-09-02]
[Id:2025.09.02.003]
details...
On 1st September 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 882 | IBM Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.004]
details...
Between 25h and 31st August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 883 | Dell Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.005]
details...
Between 25th and 31st August 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Ge5A - versions prior to 2.24.0
- Dell Avamar Data Store Ge5A - versions prior to 7.00.00.181
- Dell ObjectScale - versions prior to 4.1.0.0
- Dell Networking Products - multiple models and versions
- Dell NetWorker Runtime Environment (NRE) - versions prior to 17.0.2
- Dell Private Cloud VMWare - versions prior to 01.01.00.00
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 884 | WhatsApp Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.006]
details...
On 29th August, WhatsApp published security advisories to address vulnerabilities in multiple products.
- WhatsApp for IoS - versions prior to v2.25.21.73
- WhatsApp Business for IoS - versions prior to v2.25.21.78
- WhatsApp for MAC - versions prior to v2.25.21.78
Review the provided WhatsApp Security Advisories and apply the necessary updates. | WhatsApp |
| 885 | HashiCorp (An IBM Company) Security Advisory. [Published Date: 2025-09-02]
[Id:2025.09.02.007]
details...
On 28th August 2025, WhatsApp published security advisories to address vulnerabilities in multiple products.
- Vault Community - versions 1.15.0 to 1.20.2, 1.19.8, 1.18.13 and 1.16.24
- Vault Enterprise - versions 1.15.0 to 1.20.2, 1.19.8, 1.18.13 and 1.16.24
Review HashiCorp Security Advisory and apply the necessary updates. | HashiCorp |
| 886 | Microsoft Edge Security Advisory. [Published Date: 2025-08-29]
[Id:2025.08.29.001]
details...
| Microsoft |
| 887 | GitLab Security Advisory. [Published Date: 2025-08-28]
[Id:2025.08.28.001]
details...
On 27th August 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.3.1, 18.2.5 and 18.1.5
- GitLab Enterprise Edition (EE) - versions prior to 18.3.1, 18.2.5 and 18.1.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 888 | Cisco Security Advisory. [Published Date: 2025-08-27]
[Id:2025.08.27.001]
details...
On 27th August 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco UCS 6300 Series Fabric Interconnects
- Cisco Catalyst 8300 Series Edge uCPE
- Cisco UCS Manager Software
- Cisco UCS B-Series Blade Servers
- Cisco UCS C-Series M6, M7, and M8 Rack Servers
- Cisco UCS E-Series Servers M6
- Cisco UCS X-Series Modular System
- Cisco MDS 9000 Series Multilayer Switches
- Cisco Nexus 1000 Virtual Edge for VMware vSphere
- Cisco Nexus 3000 Series Switches
- Cisco Nexus 5500 Platform Switches
- Cisco Nexus 5600 Platform Switches
- Cisco Nexus 6000 Series Switches
- Cisco Nexus 7000 Series Switches
- Cisco Nexus 9000 Series Fabric Switches in ACI mode
- Cisco Nexus 9000 Series Switches in standalone NX-OS mode
- Cisco UCS 6400 Series Fabric Interconnects
- Cisco UCS 6500 Series Fabric Interconnects
- Cisco UCS X-Series Direct Fabric Interconnect 9108 100G
- Cisco Nexus Dashboard 3.2 and earlier
- Cisco Nexus Dashboard 4.1
- Cisco Nexus Dashboard Fabric Controller (NDFC)
Review the Cisco Security Advisory and apply the necessary updates.
| Cisco |
| 889 | Drupal Security Advisory. [Published Date: 2025-08-27]
[Id:2025.08.27.002]
details...
On 27th August 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
API Key Manager – all versions
Authenticator Login – versions prior to 2.1.8
Facets – versions prior to 2.0.10, version 3.0.0 to versions prior to 3.0.1
Owl Carousel 2 – all versions
Protected Pages – version 1.8.0
Synchronize composer.json with Contrib Modules – all versions
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 890 | Docker Security Advisory. [Published Date: 2025-08-27]
[Id:2025.08.27.003]
details...
On 20th August 2025, Docker published security updates to address a vulnerability affecting Docker Desktop - versions prior to 4.44.3.
Review the Docker security bulletins and apply the necessary updates.
| Docker |
| 891 | HPE Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.005]
details...
On 25th August 2025, HPE published a security advisory to address vulnerabilities in HP-UX 11i v3 PAM RADIUS - versions prior to A.03.00.00.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 892 | TeamViewer Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.006]
details...
On 25th August, 2025, TeamViewer published security updates to address vulnerabilities in the following products:
- TeamViewer Remote Full Client (Windows) - versions prior to 15.69
- TeamViewer Remote Host (Windows) - versions prior to 15.69
Review the following TeamViewer Security Advisory and apply the necessary updates:
| Teamviewer |
| 893 | Citrix Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.001]
details...
On 26th August 2025, Citrix published security advisories to address vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 1-47.48
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to1-59.22
- NetScaler ADC 13.1-FIPS and NDcPP - versions prior to1-37.241-FIPS and NDcPP
- NetScaler ADC 12.1-FIPS and NDcPP - versions prior to1-55.330-FIPS and NDcPP
Review the following advisories and apply the necessary updates:
| Citrix |
| 894 | HPE Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.002]
details...
On 26th August 2025, HPE published a security advisory to address vulnerabilities in HPE Compute Scale-up Server 3200 - versions prior to v1.60.88.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 895 | Google Chrome Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.003]
details...
On 26th August 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 139.0.7258.154.155 (Windows/Mac) and 139.0.7258.154 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 896 | Citrix Security Advisory. [Published Date: 2025-08-26]
[Id:2025.08.26.004]
details...
On 26th August 2025, Citrix published security advisories to address vulnerabilities in the following products:
NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-47.48
NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-59.22
NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.241-FIPS and NDcPP
NetScaler ADC 12.1-FIPS and NDcPP BEFORE 12.1-55.330-FIPS and NDcPP
Review the Citrix security advisory and apply necessary updates. | Citrix |
| 897 | Dell Security Advisory. [Published Date: 2025-08-25]
[Id:2025.08.25.001]
details...
Between 18th and 24th August 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell RecoverPoint for Virtual Machines (Debian) - versions prior to 6.0.SP3
- Dell RecoverPoint for Virtual Machines (Linux) - versions prior to 6.0.SP3
- Dell VxRail Appliance - versions 8.0.000 to 8.0.361
- Dell iDRAC Service Module - versions prior to 6.0.3.0
Review the following advisories and apply the necessary updates:
| Dell |
| 898 | IBM Security Advisory. [Published Date: 2025-08-25]
[Id:2025.08.25.002]
details...
Between 18th and 24th August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 899 | Red Hat Security Advisory. [Published Date: 2025-08-25]
[Id:2025.08.25.003]
details...
Between 18th and 24th August 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 900 | Ubuntu Security Advisory. [Published Date: 2025-08-25]
[Id:2025.08.25.004]
details...
Between 18th and 24th August 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 901 | Microsoft Edge Security Advisory. [Published Date: 2025-08-24]
[Id:2025.08.24.001]
details...
| Microsoft |
| 902 | Commvault Security Advisory. [Published Date: 2025-08-20]
[Id:2025.08.19.002]
details...
On 19th August 2025, Commvault published security advisories to address vulnerabilities in the following products:
- Commvault - versions 11.32.0 to 11.32.101
- Commvault - versions 11.36.0 to 11.36.59
Review the following advisories and apply the necessary updates:
| Commvault |
| 903 | Google Chrome Security Advisory. [Published Date: 2025-08-20]
[Id:2025.08.20.001]
details...
On 19th August 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 139.0.7258.138/.139 (Windows/Mac) and 139.0.7258.138 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 904 | Cisco Security Advisory. [Published Date: 2025-08-20]
[Id:2025.08.20.002]
details...
On 20th August 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Duo Authentication Proxy - version 5.8.2 and prior and version 6.5.1 and prior
- Cisco Evolved Programmable Network Manager (EPNM) - version 7.1 and prior, versions 8.0 and 8.1
- Cisco Prime Infrastructure - version 3.9 and prior and version 3.10
- Cisco Identity Services Engine (ISE) - version 3.1 and prior, versions 3.2 and 3.3
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 905 | Apple Security Advisory. [Published Date: 2025-08-20]
[Id:2025.08.20.003]
details...
On 20th July 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 18.6.2
- iPadOS - versions prior to 17.7.10
- macOS Sequoia - versions prior to 15.6.1
- macOS Sonoma - versions prior to 14.7.8
- macOS Ventura - versions prior to 13.7.8
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 906 | Mozilla Security Advisory. [Published Date: 2025-08-19]
[Id:2025.08.19.001]
details...
On 19th August 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Focus for iOS - versions prior to 142
- Firefox for iOS - versions prior to 142
- Firefox ESR - versions prior to 140.2
- Firefox ESR - versions prior to 128.14
- Firefox ESR - versions prior to 115.27
- Firefox - versions prior to 142
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 907 | Dell Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.001]
details...
Between 11th to 17th August 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Microsoft Azure - versions prior to 01.05.01.01
- Dell CloudLink - versions 8.0 to 8.1.1
- Dell Data Lakehouse - versions prior to 1.5.0.0
- Dell EMC XC Core XC7525 - version prior to 2.20.0
- Dell Intel E810 Adapters and Intel E823 LOM - versions prior to 24.0.0
- Dell Intel I350 and X550 Adapters - versions prior to 24.0.0
- Dell Intel X710, XXV710, and XL710 Adapters - versions prior to 24.0.0
- Dell OpenManage Enterprise - versions 3.10, 4.0, 4.1 and 4.2
- Dell PowerEdge R770, R670, R570, R470 - version prior to 1.3.2
- Dell PowerEdge Servers - multiple versions and models
- Dell PowerEdge T40 - versions prior to 1.19.0
- Dell PowerEdge XE7740 - versions prior to 1.2.2
- Dell PowerProtect DM5500 - versions prior to 5.19.1.0
- Dell SupportAssist for Business PCs - version 4.5.3 and prior
- Dell SupportAssist for Home PCs - version 4.8.2.29006 and prior
- Dell XC Core XC660, XC760, XC660xs, XC760xa - versions prior to 2.5.4
- Dell XC Core XC7625 - versions prior to 1.13.1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 908 | Ubuntu Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.002]
details...
Between 11th and 17th August 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Review the following N-able Security Advisory and apply the necessary updates:
| Ubuntu |
| 909 | IBM Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.003]
details...
Between 11th and 17th August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 910 | IBM Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.004]
details...
Between 11th and 17th August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 911 | Microsoft Edge Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.005]
details...
| Microsoft |
| 912 | Red Hat Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.006]
details...
Between 11th and 17th August 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 913 | Apache Security Advisory. [Published Date: 2025-08-18]
[Id:2025.08.18.007]
details...
On 13th August 2025, Apache published a security advisory to address vulnerabilities in the following products:
· Apache Tomcat 11.0.0-M1 to 11.0.7
· Apache Tomcat 10.1.0-M1 to 10.1.41
· Apache Tomcat 9.0.0.M1 to 9.0.105
· Older, EOL versions may also be affected
Review the following advisories and apply the necessary updates:
| Apache |
| 914 | Google Chrome Security Advisory. [Published Date: 2025-08-15]
[Id:2025.08.15.001]
details...
On 12th August 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 139.0.7258.127/128 (Windows/Mac) and 139.0.7258.127 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 915 | VMware Security Advisory. [Published Date: 2025-08-15]
[Id:2025.08.15.002]
details...
On 14th August 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu for Valkey - version 7.2.9
- VMware Tanzu for Valkey - version 8.0.3
- VMware Tanzu for Valkey - version 8.1.2
- VMware Tanzu for Valkey on Kubernetes - version 2.1.0
Review the following advisories and apply the necessary updates:
| Vmware |
| 916 | GitLab Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.001]
details...
On 13th August 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.2.2, 18.1.4 and 18.0.6
- GitLab Enterprise Edition (EE) - versions prior to 18.2.2, 18.1.4 and 18.0.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 917 | HPE Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.002]
details...
Between 6th and 13th August 2025, HPE published security advisories to address vulnerabilities in multiple products..
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 918 | F5 Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.003]
details...
On 13th August 2025, F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- APM Clients - version 7.2.5
- BIG-IP (APM) - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10
- BIG-IP (APM) - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10
- BIG-IP (all modules) - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10
- BIG-IP (all modules) - versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10
- BIG-IP Next (all modules) – versions 20.3.0
- BIG-IP Next CNF - versions 2.0.0 to 2.0.2 and versions 1.1.0 to 1.4.1
- BIG-IP Next SPK - versions 2.0.0 to 2.0.2 and versions 1.7.0 to 1.9.2
- BIG-IP Next for Kubernetes - version 2.0.0
- F5 Access for Android - versions 3.1.0 to 3.1.1
- F5 Silverline in HTTP/2 enabled proxy servers (all services)
- NGINX Open Source - versions 0.7.22 to 1.29.0
- NGINX Plus - versions R30 to R34
Review the F5 Quarterly Security Notification (August 2025) and apply the necessary updates. | F5 |
| 919 | Foxit Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.004]
details...
On 13th August 2025, Foxit published security advisories to address vulnerabilities in the following products:
- Foxit PDF Editor (Windows) - multiple versions
- Foxit PDF Editor for Mac - multiple versions
- Foxit PDF Reader (Windows) - version 2025.1.0.27937 and prior
- Foxit PDF Reader for Mac - version 2025.1.0.66692 and prior
Review the Foxit Security Bulletins and apply the necessary updates | Foxit |
| 920 | Intel Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.005]
details...
On 12th August 2025, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 921 | SolarWinds Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.006]
details...
On 12th August 2025, SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Database Performance Analyzer - version 2025.2 and prior.
Review the following SolarWinds Security Advisory and apply the necessary updates.
| Solarwinds |
| 922 | Drupal Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.007]
details...
On 13th August 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Authenticator Login (Alogin) - versions prior to 2.1.4
- Layout Builder Advanced Permissions - version 2.2.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 923 | Palo Alto Networks Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.008]
details...
On 13th August 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- Checkov by Prisma Cloud 3.2.0 - versions prior to 3.2.449
- Cortex XDR Broker VM 28.0.0 - versions prior to 28.0.52
- GlobalProtect App 6.3 Linux - versions prior to 6.3.3
- GlobalProtect App 6.3 Windows - versions prior to 6.3.3-h2 (6.3.3-c676)
- GlobalProtect App 6.2 Linux - all versions
- GlobalProtect App 6.2 Windows - versions prior to 6.2.8-h3 (6.2.8-c263)
- GlobalProtect App 6.1 Linux/Windows - all versions
- GlobalProtect App 6.0 Linux/Windows - all versions
- PAN-OS 11.2 (On PA-7500) - versions prior to 11.2.8
- PAN-OS 11.1 (On PA-7500) - versions prior to 11.1.10
- Prisma Access Browser - versions prior to 138.69.4.184
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 924 | ServiceNow Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.009]
details...
On 12th August 2025, ServiceNow published security advisories to address vulnerabilities in multiple versions of the following products:
- ServiceNow Washington - multiple versions
- ServiceNow Xanadu - multiple versions
- ServiceNow Yokohama - multiple versions
- ServiceNow Zurich - multiple versions
Review the following advisories and apply the necessary updates:
| ServiceNow |
| 925 | N-able Security Advisory. [Published Date: 2025-08-14]
[Id:2025.08.14.010]
details...
On 14th August 2025, N-able published a security advisory to address vulnerabilities in N-central - versions prior to 2025.3.1.
Review the following N-able Security Advisory and apply the necessary updates.
| N-able |
| 926 | Microsoft Security Advisory - August 2025 monthly rollup. [Published Date: 2025-08-13]
[Id:2025.08.13.001]
details...
On 12th August 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Microsoft Exchange Server
- SQL Server
- Role: Windows Hyper-V
- Azure Virtual Machines
- Microsoft Office SharePoint
- Microsoft Edge for Android
- Microsoft Graphics Component
- Microsoft Dynamics 365 (on-premises)
- Windows Routing and Remote Access Service (RRAS)
- Windows Kernel
- Windows Ancillary Function Driver for WinSock
- Desktop Windows Manager
- Windows File Explorer
- Windows Push Notifications
- Windows NTFS
- Remote Access Point-to-Point Protocol (PPP) EAP-TLS
- Windows Win32K - GRFX
- Windows Distributed Transaction Coordinator
- Windows Win32K - ICOMP
- Windows SMB
- Windows Cloud Files Mini Filter Driver
- Remote Desktop Server
- Windows DirectX
- Windows Installer
- Graphics Kernel
- Windows Message Queuing
- Windows Media
- Windows PrintWorkflowUserSvc
- Windows NT OS Kernel
- Kernel Transaction Manager
- Microsoft Brokering File System
- Kernel Streaming WOW Thunk Service Driver
- Storage Port Driver
- Windows Local Security Authority Subsystem Service (LSASS)
- Windows Connected Devices Platform Service
- Windows Remote Desktop Services
- Azure File Sync
- Microsoft Office Visio
- Microsoft Office
- Microsoft Office Word
- Microsoft Office Excel
- Microsoft Office PowerPoint
- Azure Stack
- Windows GDI+
- Azure OpenAI
- Windows Security App
- Web Deploy
- GitHub Copilot and Visual Studio
- Microsoft 365 Copilot's Business Chat
- Windows NTLM
- Windows Kerberos
- Microsoft Teams
- Windows Subsystem for Linux
- Windows StateRepository API
- Azure Portal
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 927 | Ivanti Security Advisory. [Published Date: 2025-08-13]
[Id:2025.08.13.002]
details...
On 12th August 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Virtual Application Delivery Controller (vADC) - version 22.8R2 and prior
- Ivanti Connect Secure (ICS) - version 22.7R2.7 and prior
- Ivanti Policy Secure (IPS) - version 22.7R1.4 and prior
- Ivanti ZTA Gateway - version 22.8R2.2
- Ivanti Neurons for Secure Access - version 22.8R1.3 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 928 | Adobe Security Advisory. [Published Date: 2025-08-13]
[Id:2025.08.13.003]
details...
On 12th August 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Animate 2023 - version 23.0.12 and prior
- Adobe Animate 2024 - version 24.0.9 and prior
- Adobe Commerce B2B - multiple versions
- Adobe Commerce - multiple versions
- Adobe Dimension - version 4.1.3 and prior
- Adobe FrameMaker - version FrameMaker 2020 Update 8 and prior
- Adobe FrameMaker - version FrameMaker 2022 Update 6 and prior
- Adobe Illustrator 2024 - version 28.7.8 and prior
- Adobe Illustrator 2025 - version 29.6.1 and prior
- Adobe InCopy - version 20.4 and prior
- Adobe InCopy - version 19.5.4 and prior
- Adobe InDesign - version ID19.5.4 and prior
- Adobe InDesign - version ID20.4 and prior
- Adobe Magento Open Source - multiple versions
- Adobe Photoshop 2024 - version 25.12.3 and prior
- Adobe Photoshop 2025 - version 26.8 and prior
- Adobe Substance 3D Modeler - version 1.22.0 and prior
- Adobe Substance 3D Painter - version 11.0.2 and prior
- Adobe Substance 3D Sampler - version 5.0.3 and prior
- Adobe Substance 3D Stager - version 3.1.3 and prior
- Adobe Substance 3D Viewer - version 0.25 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 929 | Fortinet Security Advisory. [Published Date: 2025-08-13]
[Id:2025.08.13.004]
details...
On 12th August 2025, Fortinet published security advisories to address vulnerabilities in multiple products.
Review the following advisories and apply the necessary updates:
| Fortinet |
| 930 | SAP security advisory - August 2025 monthly rollup. [Published Date: 2025-08-12]
[Id:2025.08.12.001]
details...
On 12th August 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP S/4HANA (Private Cloud or On-Premise) - versions S4CORE 102, 103, 104, 105, 106, 107 and 108
- SAP Landscape Transformation (Analysis Platform) - versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731 and 2011_1_752, 2020
- SAP Business One (SLD) - versions B1_ON_HANA 10.0 and SAP-M-BO 10.0
- SAP S/4HANA (Bank Communication Management) - versions SAP_APPL 606, SAP_FIN 617, 618, 720, 730, S4CORE 102, 103, 104, 105, 106, 107 and 108
- SAP NetWeaver Application Server for ABAP - multiple versions and platforms
- SAP NetWeaver ABAP Platform - versions S4CRM 100, 200, 204, 205, 206, S4CEXT 107, 108, 109, BBPCRM 713 and 714
- SAP NetWeaver Enterprise Portal (OBN component) - version EP-RUNTIME 7.50
- ABAP Platform - versions SAP_BASIS 758, SAP_BASIS 816 and SAP_BASIS 916
- SAP GUI for Windows - version BC-FES-GUI 8.00
- SAP S/4HANA (Supplier invoice) - versions S4CORE 102, 103, 104, 105, 106, 107, 108 and 109
- SAP NetWeaver - versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H and 75I
- SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Manager) - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 and 9.16
- SAP Cloud Connector - version SAP_CLOUD_CONNECTOR 2.0
- SAP Fiori (Launchpad) - version SAP_UI 754
Review the SAP Security Patch Day - August 2025 and apply the necessary updates. | SAP |
| 931 | IBM Security Advisory. [Published Date: 2025-08-11]
[Id:2025.08.11.001]
details...
Between 4th to 10th August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 932 | Dell Security Advisory. [Published Date: 2025-08-11]
[Id:2025.08.11.002]
details...
Between 4th to 10th August 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Networking OS10 - versions prior to 10.5.6.10
- Dell SupportAssist OS Recovery - versions prior to 5.5.14.0
- PowerScale OneFS - version 9.11.0.0
- PowerScale OneFS - versions 9.5.0.0 to 9.10.1.2
Review the following advisories and apply the necessary updates:
| Dell |
| 933 | Ubuntu Security Advisory. [Published Date: 2025-08-11]
[Id:2025.08.11.003]
details...
Between 4th to 10th August 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 934 | Red Hat Security Advisory. [Published Date: 2025-08-11]
[Id:2025.08.11.004]
details...
Between 4th to 10th August 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 935 | WinRAR Security advisory. [Published Date: 2025-08-11]
[Id:2025.08.11.005]
details...
30th July 2025, WinRAR published security advisories to address vulnerabilities in WinRAR - versions prior to 7.13.
Review the WinRaR Security Advisory and apply the necessary updates. | WinRAR |
| 936 | Juniper Networks Security Advisory. [Published Date: 2025-08-08]
[Id:2025.08.08.001]
details...
On 7th August 2025, Juniper Networks published security advisories to address vulnerabilities in Juniper Secure Analytics (JSA) - versions 7.5.0 to versions prior to 7.5.0 UP12 IF03.
Review the Juniper Networks Security Advisories and apply the necessary updates. | juniper |
| 937 | Microsoft Edge Security Advisory. [Published Date: 2025-08-08]
[Id:2025.08.08.002]
details...
| Microsoft |
| 938 | Microsoft Exchange Security Advisory. [Published Date: 2025-08-07]
[Id:2025.08.07.001]
details...
On 6th August 2025, Microsoft published a security update to address vulnerabilities in the following products.
- Exchange Server 2016 CU23 - (KB5050674)
- Exchange Server 2019 CU14 - (KB5050673)
- Exchange Server 2019 CU15 - (KB5050672)
- Exchange Server Subscription Edition RTM - (KB5047155)
Review the following Microsoft Security Advisory and apply the necessary updates
- If using Exchange hybrid, review Microsoft's guidance, Exchange Server Security Changes for Hybrid Deployments, to determine if your Microsoft hybrid deployments are potentially affected and available for a Cumulative Update (CU).
- Install Microsoft's April 2025 Exchange Server Hotfix Updates on the on-premise Exchange server and follow Microsoft's configuration instructions. Deploy a dedicated Exchange hybrid app.
- Exchange hybrid (or have previously configured Exchange hybrid but no longer use it), review Microsoft's Service Principal Clean-Up Mode for guidance on resetting the service principal's keyCredentials.
- Upon completion, run the Microsoft Exchange Health Checker to determine if further steps are required.
| Microsoft |
| 939 | Adobe Security Advisory. [Published Date: 2025-08-06]
[Id:2025.08.06.001]
details...
| Adobe |
| 940 | HPE Security Advisory. [Published Date: 2025-08-06]
[Id:2025.08.06.002]
details...
On 5th August 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Brocade SANnav Management Portal - version prior to 2.4.0a
- Brocade Fabric OS - versions 9.1.0 to 9.2.2
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 941 | Trend Micro Security Advisory. [Published Date: 2025-08-06]
[Id:2025.08.06.003]
details...
On 5th August 2025, Trend Micro published security advisories to address vulnerabilities in Trend Micro Apex One (on-prem) Management Server - version 14039 and prior.
Review the following Trend Micro Security Advisory and apply the necessary updates
| Trendmicro |
| 942 | Phishing campaign on the Cyber Space of Bangladesh [Published Date: 2025-08-06]
[Id:2025.08.06.004]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 943 | Cisco Security Advisory. [Published Date: 2025-08-06]
[Id:2025.08.06.005]
details...
On 6th August 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Identity Services Engine (ISE) - versions prior to 3.0, versions 3.1, 3.2 and 3.3
- Cisco ISE Passive Identity Connector (ISE-PIC) - versions prior to 3.0, versions 3.1, 3.2 and 3.3
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 944 | Splunk Security Advisory. [Published Date: 2025-08-06]
[Id:2025.08.06.006]
details...
On 6th August 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk AppDynamics On-Premises Enterprise Console - versions prior to 25.4.0
- Splunk AppDynamics Cluster Agent - versions prior to 25.6.0
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 945 | HPE Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.001]
details...
On 1st August 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Private Cloud AI - versions prior to v1.5
- HPE Telco IP Mediation - versions prior to 8.5.1-0B
- HPE Telco Service Orchestrator - versions prior to v5.3.4
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 946 | IBM Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.002]
details...
Between 28th July and 3rd August 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 947 | Dell Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.003]
details...
Between 28th July and 3rd August 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.02.05.00
- Dell Avamar Data Store Gen4T, Gen5A - versions 19.10, 19.10-SP1, 19.12, 19.7, 19.8 and 19.9
- Dell Avamar Network Data Management Protocol (NDMP) Accelerator - versions 19.10, 19.10-SP1, 19.12, 19.7, 19.8 and 19.9
- Dell Avamar VMware Image Backup Proxy - versions 19.10, 19.10-SP1, 19.12, 19.7, 19.8 and 19.9
- Dell Avamar Virtual Edition - versions 19.10, 19.10-SP1, 19.12, 19.7, 19.8 and 19.9
- Dell Networker Virtual Edition (NVE) versions 19.5, 19.6, 19.7, 19.8, 19.9, 19.10, 19.11 and 19.12
- Dell Networking OS10 - versions prior to 10.5.5.15
- Dell PowerProtect DP Series Appliance (IDPA) - versions prior to 2.7.8
- Dell PowerStore 1000X, 3000X, 5000X, 7000X, 9000X - versions prior to ESXi70U3w-24784741
- Dell Unity Operating Environment (OE) - versions prior to 5.5.1
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 948 | Ubuntu Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.004]
details...
Between 28th July and 3rd August 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 949 | Android security advisory - August 2025 Monthly Rollup. [Published Date: 2025-08-05]
[Id:2025.08.05.005]
details...
On 4th August 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 950 | Red Hat Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.006]
details...
Between 28th July and 3rd August 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 951 | Google Chrome Security Advisory. [Published Date: 2025-08-05]
[Id:2025.08.05.007]
details...
On 28th July and 3rd August 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 139.0.7258.66/67 (Windows/Mac) and 139.0.7258.66 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 952 | HPE Security Advisory. [Published Date: 2025-08-01]
[Id:2025.08.01.001]
details...
On 30th July 2025, HPE published a security advisory to address vulnerabilities in HPE Telco Service Activator - versions prior to 10.3.2.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 953 | Microsoft Edge Security Advisory. [Published Date: 2025-08-01]
[Id:2025.08.01.002]
details...
| Microsoft |
| 954 | Apple Security Advisory. [Published Date: 2025-07-31]
[Id:2025.07.31.001]
details...
On 30th July 2025, Apple published security advisories to address vulnerabilities in Safari - versions prior to 18.6.
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 955 | SUSE Linux Security Advisory. [Published Date: 2025-07-31]
[Id:2025.07.31.002]
details...
On 8th July 2025, SUSE published security updates to address vulnerabilities in the following products:
- SUSE Linux Enterprise Micro 5.5
- SUSE Linux Enterprise Server 15 SP6
- SUSE Manager Proxy 5.0 Extension
- SUSE Manager Retail Branch Server 5.0 Extension
- SUSE Manager Server 5.0 Extensions
Review the provided Apple Security Advisory and apply the necessary updates | SUSE Linux |
| 956 | HPE Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.001]
details...
On 30th July 2025, HPE published a security advisory to address vulnerabilities in HPE Telco Intelligent Assurance - versions prior to FAS and PDO 4.2.10.
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 957 | Drupal Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.002]
details...
On 30th July 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Config Pages - versions prior to 2.18.0
- GoogleTag Manager - versions prior to 1.10.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 958 | Splunk Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.003]
details...
On 30th July 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk User Behavior Analytics (UBA) - versions prior to 5.4.3
- Enterprise Security - versions prior to 7.3.4
- Enterprise Security - versions prior to 8.1.0
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 959 | Google Chrome Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.004]
details...
On 29th July 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 138.0.7204.183/.184 (Windows/Mac) and 138.0.7204.183 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 960 | SonicWall Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.005]
details...
On 29th July 2025, SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Gen7 hardware Firewalls - version 7.2.0-7015 and prior
- Gen7 virtual Firewalls (NSv) - version 7.2.0-7015 and prior
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 961 | Palo Alto Networks Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.006]
details...
On 28th July 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- GlobalProtect App 6.2 Linux - versions prior to 6.2.9
- GlobalProtect App 6.1 Linux - all versions
- GlobalProtect App 6.0 Linux - all versions
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 962 | Node-SAML Security Advisory. [Published Date: 2025-07-30]
[Id:2025.07.30.007]
details...
| Node-SAML |
| 963 | SolarWinds Security Advisory. [Published Date: 2025-07-29]
[Id:2025.07.29.001]
details...
Between 24th July and 28th July 2025, SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SolarWinds Observability Self-Hosted - version SWOSH 2025.2 and prior
- SolarWinds Web Help Desk - version 12.8.6 and prior
Review the following SolarWinds Security Advisory and apply the necessary updates.
| Solarwinds |
| 964 | VMware Security Advisory [Published Date: 2025-07-29]
[Id:2025.07.29.002]
details...
On 29th July 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Cloud Foundation - version 9.0.0.0
- VMware vSphere Foundation - version 9.0.0.0
- VMware vCenter - version 8.0
- VMware vCenter - version 7.0
- VMware Cloud Foundation - version 5.x
- VMware Cloud Foundation - version 4.5.x
- VMware Telco Cloud Platform - versions 5.x and 2.x
- VMware Telco Cloud Infrastructure - version 2.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 965 | Apple Security Advisory. [Published Date: 2025-07-29]
[Id:2025.07.29.003]
details...
On 29th July 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 18.5
- iPadOS - versions prior to 17.7.7
- macOS Sequoia - versions prior to 15.5
- macOS Sonoma - versions prior to 14.7.6
- macOS Ventura - versions prior to 13.7.6
- Safari - versions prior to 18.5
Review the provided Apple Security Advisory and apply the necessary updates.
| Apple |
| 966 | IBM Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.001]
details...
Between 21st and 27th July 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 967 | Dell Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.002]
details...
Between 21st July and 27th July 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Gen4T - version 19.12
- Dell Avamar Data Store Gen4T - versions 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
- Dell Avamar Data Store Gen5A - version 19.12
- Dell Avamar Data Store Gen5A - versions 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
- Dell Avamar Virtual Edition for VMware ESXi and vSphere - version 19.12
- Dell Avamar Virtual Edition for VMware ESXi and vSphere - versions 19.10, 19.10-SP1, 19.7, 19.8, 19.9, and 19.4
- Dell Avamar Virtual Edition for VMware vSphere only - version 19.12
- Dell Avamar Virtual Edition for VMware vSphere only - versions 19.10, 19.10-SP1, 19.7, 19.8, 19.9, and 19.4
- Dell CyberSense - versions prior to 8.12
- Dell Data Protection Central - version 19.7.x to 19.12
- Dell Intel E810 Adapters and Intel E823 LOM - versions prior to 24.0.0
- Dell Intel I350 and X550 Adapters - versions prior to 24.0.0
- Dell Intel X710, XXV710, and XL710 Adapters - versions prior to 24.0.0
- Dell Networking OS10 - versions prior to 10.5.4.16
- Dell PowerProtect DP Series (Integrated Data Protection Appliance (IDPA) Appliance - versions prior to 2.7.8
- Dell SmartFabric Storage Software - version prior to 1.4.4
- Dell ThinOS 10 for Multiple Google Chrome - multiple versions and models
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 968 | Ubuntu Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.003]
details...
Between 21st and 27th July 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 969 | Red Hat Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.004]
details...
Between 21st July and 27th July 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 970 | Atlassian Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.005]
details...
On 15th July 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Bulletin - 15th July 2025 and Security Advisory and apply the necessary update. | Atlassian |
| 971 | Microsoft Edge Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.006]
details...
| Microsoft |
| 972 | GitHub Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.007]
details...
| Github |
| 973 | BeyondTrust Security Advisory. [Published Date: 2025-07-28]
[Id:2025.07.28.008]
details...
On 28th July 2025, GitHub published a security update to address vulnerabilities in Privilege Management for Windows - versions prior to 25.4.270.0.
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 974 | Situational Alert for CII, Energy Sectors, Banks. [Published Date: 2025-07-24]
[Id:2025.07.24.003]
details...
| BGD e-GOV CIRT (BDNCIRT) |
| 975 | VMware Security Advisory. [Published Date: 2025-07-24]
[Id:2025.07.24.001]
details...
On 24th July 2025, VMware published security advisories to address vulnerabilities in the following products:
- Tanzu Platform for Cloud Foundry - version 4.0.38+LTS-T
- Tanzu Platform for Cloud Foundry - version 6.0.18+LTS-T
- Tanzu Platform for Cloud Foundry - version 10.0.8
- Tanzu Platform for Cloud Foundry - version 10.2.1+LTS-T
Review the following advisories and apply the necessary updates:
| Vmware |
| 976 | HPE Security Advisory. [Published Date: 2025-07-24]
[Id:2025.07.24.002]
details...
On 24th July 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Service Orchestrator - versions prior to v5.0.2
- HPE Telco Service Orchestrator - versions prior to v4.2.1
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 977 | Google Chrome Security Advisory. [Published Date: 2025-07-23]
[Id:2025.07.23.001]
details...
On 22nd July 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 138.0.7204.168/.169 (Windows/Mac) and 138.0.7204.168 (Linux).
Review the Google security bulletins and apply the necessary updates.
| Google |
| 978 | GitLab Security Advisory. [Published Date: 2025-07-23]
[Id:2025.07.23.002]
details...
On 23rd July 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.2.1, 18.1.3 and 18.0.5
- GitLab Enterprise Edition (EE) - versions prior to 18.2.1, 18.1.3 and 18.0.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 979 | SonicWall Security Advisory. [Published Date: 2025-07-23]
[Id:2025.07.23.003]
details...
On 23rd July 2025, SonicWall published a security advisory to address vulnerabilities in SonicWall SMA 100 Series (SMA 210, 410, 500v) - version 10.2.1.15-81sv and prior.
Review the following SonicWall Security Advisory and apply the necessary updates:
| Sonicwall |
| 980 | JavaScript Form-Data security advisory. [Published Date: 2025-07-23]
[Id:2025.07.23.004]
details...
On 22nd July 2025, JavaScript (NPM Inc.) published a security advisory to address vulnerabilities in the following products:
- Form-data library - versions prior to 2.5.4
- Form-data library - versions 3.0.0 to 3.0.3
- Form-data library - versions 4.0.0 to 4.0.3
Review the JavaScript form-data library Security Advisory and apply the necessary updates. | JavaScript |
| 981 | Mitel Security Advisory. [Published Date: 2025-07-23]
[Id:2025.07.23.005]
details...
On 23rd July 202,5, Mitel published security advisories to address vulnerabilities in the following products:
- MiVoice MX-ONE - versions 3 (7.3.0.0.50) to 7.8 SP1 (7.8.1.0.14)
- MiCollab - versions 10.0 (10.0.0.26) to 10.0 SP1 FP1 (10.0.1.101) and version 9.8 SP3 (9.8.3.1) and prior
Review the following advisories and apply the necessary updates:
| Mitel |
| 982 | Mozilla Security Advisory. [Published Date: 2025-07-22]
[Id:2025.07.22.001]
details...
On 22nd June 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox for iOS - versions prior to 141
- Firefox ESR - versions prior to 140.1
- Firefox ESR - versions prior to 128.13
- Firefox ESR - versions prior to 115.26
- Firefox - versions prior to 141
Review the following advisories and apply the necessary updates:
| Mozilla |
| 983 | Cisco security advisory (Cisco ISE and ISE-PIC) - Update 1 [Published Date: 2025-07-22]
[Id:2025.07.22.002]
details...
On 25th June 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco ISE and ISE-PIC - versions prior to 3.3 Patch 7
- Cisco ISE and ISE-PIC - versions prior to 3.4 Patch 2
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 984 | Sophos Security Advisory. [Published Date: 2025-07-22]
[Id:2025.07.22.003]
details...
On 21st July 2025, Sophos published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Sophos Firewall - version v21.0 GA (21.0.0) and prior
- Sophos Firewall - version v21.5 GA (21.5.0) and prior
Review the following Sophos Security Advisory and apply the necessary updates
| Sophos |
| 985 | Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) [Published Date: 2025-07-21]
[Id:2025.07.21.001]
details...
On 20th July 2025, Microsoft Releases Guidance on the Exploitation of SharePoint Vulnerability (CVE-2025-53770).
This active exploitation of a new remote code execution (RCE) vulnerability enables unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as "ToolShell," provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.
Review the following Microsoft Guidance and apply the necessary updates:
- For information on detection, prevention, and advanced threat hunting measures, see Microsoft's Customer Guidance for SharePoint Vulnerability and advisory for CVE-2025-49706. You are encouraged to review all articles and security updates published by Microsoft on 8th July, 2025, that are relevant to the SharePoint platform deployed in your environment.
- Monitor for POSTs to
/_layouts/15/ToolPane.aspx?DisplayMode=Edit
- Conduct scanning for IPs
107.191.58[.]76, 104.238.159[.]149, and 96.9.125[.]147, particularly between 18 and 19 July, 2025.
- Update intrusion prevention system and web-application firewall rules to block exploit patterns and anomalous behavior.
- Implement comprehensive logging to identify exploitation activity.
| Microsoft |
| 986 | Microsoft Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.002]
details...
On 19th June 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Microsoft SharePoint Server Subscription Edition - versions prior to KB5002768
- Microsoft SharePoint Server 2016 (No update available yet)
- Microsoft SharePoint Server 2019 - versions prior to KB5002754
Review the following advisories and apply the necessary updates:
| Microsoft |
| 987 | CrushFTP Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.003]
details...
On 18th June 2025, CrushFTP published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- CrushFTP - versions 10 prior to 10.8.5
- CrushFTP - versions 11 prior to 11.3.4_23
Review the CrushFTP Update, follow the recommended mitigation, and apply the necessary updates.
| CrushFTP |
| 988 | IBM Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.004]
details...
Between 14th and 20th July 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 989 | Dell Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.005]
details...
Between 14th July and 20th July 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell AMD-based PowerEdge Server - multiple versions and models
- Dell AppSync - versions prior to 4.6.0.4
- Dell Connectrix B-Series - versions 2.3.0 to 2.3.1a
- Dell Connectrix B-Series - versions 9.1.0 to 9.2.2
- Dell Connectrix B-Series - versions prior to 2.4.0
- Dell Data Protection Central - versions 19.8 to 19.12.1
- Dell Data Protection Central - versions prior to 19.12.0-2
- Dell EMC XC Core XC7525 - versions prior to 2.19.0
- Dell Networking OS10 - versions prior to 10.6.0.5
- Dell PowerEdge T40 - versions prior to 1.20.0
- Dell XC Core XC7625 - versions prior to 1.11.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 990 | Red Hat Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.006]
details...
Between 10th July and 20th July 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 991 | ISC BIND Security Advisory. [Published Date: 2025-07-21]
[Id:2025.07.21.007]
details...
On 16th July 2025, ISC published security advisories to address vulnerabilities in the following product:
- ISC BIND 9 - versions 9.11.3-S1 to 9.16.50-S1
- ISC BIND 9 - versions 9.18.11-S1 to 9.18.37-S1
- ISC BIND 9 - versions 9.20.9-S1 to 9.20.10-S1
- ISC BIND 9 - versions 9.20.0 to 9.20.10
- ISC BIND 9 - versions 9.21.0 to 9.21.9
Review the following advisories and apply the necessary updates:
| ISC |
| 992 | Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) - Update 2. [Published Date: 2025-07-21]
[Id:2025.07.21.008]
details...
On 19th July 2025, Microsoft published a customer guidance for a critical SharePoint vulnerability CVE-2025-53770 that appears to be affecting all versions of on-premises SharePoint Server1. SharePoint Online in Microsoft 365 is not impacted.
CVE-2025-53770 involves the deserialization of untrusted data in on-premises Microsoft SharePoint Servers, allowing an unauthorised attacker to execute code over a network.
On 21st July 2025, Microsoft released emergency patches for the following versions of SharePoint:
- Microsoft SharePoint Server Subscription Edition
- Microsoft SharePoint Server 2019
As of 21st July 2025, there are presently no patches available for Microsoft SharePoint Server 2016.
Potential indicators of compromise
The following indicators of compromise (IoCs) have been shared by the cyber security research community 2 as a starting point for compromise detection.
- Verify the presence of the following file: C:\PROGRA~1\COMMON~1\MICROS~1\WEBSER~1\16\TEMPLATE\LAYOUTS\spinstall0.aspx
- SHA256:92bb4ddb98eeaf11fc15bb32e71d0a63256a0ed826a03ba293ce3a8bf057a514
- Monitor IIS logs for POST requests to /_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx with a HTTP referer of /_layouts/SignOut.aspx
- Verify network logs for scanning or exploitation attempts from IPs 107.191.58[.]76, 104.238.159[.]149, and 96.9.125[.]147, particularly since July 17, 2025.
- Check for presence of file hashes that may indicate compromise3 and 4 :
- SHA256:4a02a72aedc3356d8cb38f01f0e0b9f26ddc5ccb7c0f04a561337cf24aa84030
- SHA256:b39c14becb62aeb55df7fd55c814afbb0d659687d947d917512fe67973100b70
- SHA256:fa3a74a6c015c801f5341c02be2cbdfb301c6ed60633d49fc0bc723617741af7
- SHA256:27c45b8ed7b8a7e5fff473b50c24028bd028a9fe8e25e5cea2bf5e676e531014
- SHA256:8d3d3f3a17d233bc8562765e61f7314ca7a08130ac0fb153ffd091612920b0f2
- SHA256:b336f936be13b3d01a8544ea3906193608022b40c28dd8f1f281e361c9b64e93
- SHA256:f917e0fd57784e40d9a41069f30b2b5cf83db29b52072c308ff030eaf1fcd764
Suggested actions
If your SharePoint Server is accessible via the internet, it is recommended to assess potential security compromises and consider isolating the affected instance until patching and threat hunt exercises are complete.
Additionally, the Cyber Centre strongly recommends that organizations follow Microsoft customer guidance for mitigation advice:
- Use or upgrade to supported versions of on-premises Microsoft SharePoint Server.
- Apply the latest security updates from Microsoft.
- Enable Antimalware Scan Interface (AMSI) integration in SharePoint Server.
- integration was enabled by default in the September 2023 security update for SharePoint Server 2016/2019 and the Version 23H2 feature update for SharePoint Server Subscription Edition5.
- Deploy a compatible AMSI-capable antivirus/antimalware provider across all SharePoint servers.
- Rotate SharePoint Server ASP.NET machine key
- Organizations who are running SharePoint 2016 are encouraged to monitor Microsoft's advsiories1 and apply the patches as soon as it is available.
Please note that the identified evidence that AMSI may not consistently offer comprehensive protection against this form of exploitation, as threat actors frequently adapt their methods to evade detection. | Microsoft |
| 993 | HPE Security Advisory. [Published Date: 2025-07-17]
[Id:2025.07.17.001]
details...
On 16th July 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Service Orchestrator - versions prior to v4.2.4
- HPE AutoPass License Server - versions prior to 9.18
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 994 | Microsoft Edge Security Advisory. [Published Date: 2025-07-17]
[Id:2025.07.17.002]
details...
| Microsoft |
| 995 | Nodejs Security Advisory. [Published Date: 2025-07-17]
[Id:2025.07.17.003]
details...
On 15th July 2025, Nodejs published a security advisory to address vulnerabilities in the following products:
- Node.js 20 - versions prior to v20.19.4
- Node.js 22 - versions prior to v22.17.1
- Node.js 24 - versions prior to v24.4.1
Review the Nodejs Security Releases and apply the necessary updates. | NodeJjs |
| 996 | HPE Security Advisory. [Published Date: 2025-07-17]
[Id:2025.07.17.004]
details...
On 16th July 2025, HPE published a security advisory to address vulnerabilities in HP-UX 11i Secure Shell Software - versions prior to A.09.30.010
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 997 | Google Chrome Security Advisory. [Published Date: 2025-07-16]
[Id:2025.07.16.001]
details...
On 15th July 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop versions prior to 138.0.7204.157/.158 (Windows/Mac) and 138.0.7204.157 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 998 | HPE Security Advisory. [Published Date: 2025-07-16]
[Id:2025.07.16.002]
details...
On 16th July 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Service Orchestrator - versions prior to v5.2.1
- HPE Cray XD670 - version prior to TPM Firmware v7.86
- HPE Cray XD675 - version prior to TPM Firmware v15.24
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 999 | Cisco Security Advisory. [Published Date: 2025-07-16]
[Id:2025.07.16.003]
details...
On 16th July 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Unified Intelligence Center - versions 12.5, 12.6 and 15
- Cisco Unified CCX - versions prior to 12.5(1)SU3
- Cisco Identity Services Engine (ISE) - versions prior to 3.2, versions 3.3 and 3.4
- Cisco ISE Passive Identity Connector (ISE-PIC) - versions prior to 3.2, versions 3.3 and 3.4
- Cisco Evolved Programmable Network Manager (EPNM) - versions prior to 7.1, versions 8.0 and 8.1
- Cisco Prime Infrastructure - versions prior to 3.9 and version 3.10
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 1000 | Trend Micro Security Advisory. [Published Date: 2025-07-16]
[Id:2025.07.16.004]
details...
Between 9th and 27th June 2025, Trend Micro published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Apex One 2019 (On-prem)
- Apex One as a Service SaaS
- Worry-Free Business Security (WFBS) 10.0 SP1
- Worry-Free Business Security Services (WFBSS) 6.7 (SaaS)
Review the following Trend Micro Security Advisory and apply the necessary updates
| Trendmicro |
| 1001 | Oracle Security Advisory – July 2025. [Published Date: 2025-07-16]
[Id:2025.07.16.005]
details...
| Oracle |
| 1002 | VMware Security Advisory. [Published Date: 2025-07-15]
[Id:2025.07.15.001]
details...
On 15th July 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Cloud Foundation - version 9.0.0.0
- VMware vSphere Foundation - version 9.0.0.0
- VMware ESXi - version 8.0
- VMware ESXi - version 8.0
- VMware ESXi - version 7.0
- VMware Workstation - version 17.x
- VMware Fusion - version 13.x
- VMware Cloud Foundation - version 5.x
- VMware Cloud Foundation - version 4.5.x
- VMware Telco Cloud Platform - versions 5.x and 4.x
- VMware Telco Cloud Platform - versions 3.x and 2.x
- VMware Telco Cloud Infrastructure - versions 3.x and 2.x
- VMware Tools [1] - version 13.x.x
- VMware Tools [1] - versions 12.x.x and 11.x.x
- VMware Tools - versions 13.x.x, 12.x.x and 11.x.x
- VMware Tools - versions 13.x.x, 12.x.x and 11.x.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 1003 | Zyxel Security Advisory. [Published Date: 2025-07-15]
[Id:2025.07.15.002]
details...
On 15th July 2025, Zyxel published security advisories to address vulnerabilities in the following products:
- NWA50AX - versions prior to 7.10(ABYW.1)
- NWA50AX PRO - versions prior to 7.10(ACGE.2)
- NWA55AXE - versions prior to 7.10(ABZL.1)
- NWA90AX - versions prior to 7.10(ACCV.1)
- NWA90AX PRO - versions prior to 7.10(ACGF.2)
- NWA110AX - versions prior to 7.10(ABTG.1)
- NWA130BE - versions prior to 7.10(ACIL.2)
- NWA210AX - versions prior to 7.10(ABTD.1)
- NWA220AX-6E - versions prior to 7.10(ACCO.1)
- NWA1123AC PRO - versions prior to 6.28(ABHD.3)
- WAC500H - versions prior to 6.70(ABWA.6)
- WAC5302D-Sv2 - versions prior to 6.25(ABVZ.9)
- WAC6103D-I - versions prior to 6.28(AAXH.3)
- WAX300H - versions prior to 7.10(ACHF.1)
- WAX510D - versions prior to 7.10(ABTF.1)
- WAX610D - versions prior to 7.10(ABTE.1)
- WAX620D-6E - versions prior to 7.10(ACCN.1)
- WAX630S - versions prior to 7.10(ABZD.1)
- WAX640S-6E - versions prior to 7.10(ACCM.1)
- WAX650S - versions prior to 7.10(ABRM.1)
- WAX655E - versions prior to 7.10(ACDO.1)
- WBE530 - versions prior to 7.10(ACLE.2)
- WBE660S - versions prior to 7.10(ACGG.2)
Review the following advisories and apply the necessary updates:
| Zyxel |
| 1004 | IBM Security Advisory. [Published Date: 2025-07-14]
[Id:2025.07.14.001]
details...
Between 7th and 13th July 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1005 | Dell Security Advisory. [Published Date: 2025-07-14]
[Id:2025.07.14.002]
details...
Between 7th July and 13th July 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell PowerFlex Manager - version 4.6.2 and prior
- Dell UCC Edge - versions prior to 3.0.1
Review the following advisories and apply the necessary updates:
| Dell |
| 1006 | Ubuntu Security Advisory. [Published Date: 2025-07-14]
[Id:2025.07.14.003]
details...
Between 7th and 13th July 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
- Ubuntu 25.04
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1007 | Red Hat Security Advisory. [Published Date: 2025-07-14]
[Id:2025.07.14.004]
details...
Between 7th July and 13th July 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1008 | Juniper Networks Security Advisory. [Published Date: 2025-07-10]
[Id:2025.07.10.001]
details...
On 9th and 10th July, 2025, Juniper Networks published security advisories to address vulnerabilities in multiple products.
Review the Juniper Networks Security Advisories and apply the necessary updates. | juniper |
| 1009 | Drupal Security Advisory. [Published Date: 2025-07-10]
[Id:2025.07.10.002]
details...
On 8th July 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cookies Addons - versions prior to 1.2.4
- Mail_login 3.x - versions prior to 3.2.0
- Mail_login 4.x - versions prior to 4.2.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 1010 | HPE security advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.001]
details...
Between 7th and 8th July 2025, HPE published a security advisory to address vulnerabilities in the following products:
- Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy - versions 9.1.0 to 9.2.2
- HPE B-series Fibre Channel Switch - multiple versions and models
- HPE Compute Scale-up Server 3200 - versions prior to v1.60.88
- HPE Networking Instant On Access Point - version 3.2.0.1 and prior
- HPE ProLiant Cray Servers ** - multiple versions and models
- HPE SANnav Management Software SANnav base OS (OVA deployment) - versions prior to 2.4.0a
- HPE SN6750B 64Gb 48/128 48-port 64Gb Short Wave SFP56 Port Side Intake Integrated FC Switch - versions 9.1.0 to 9.2.2
- HPE SN8600B 4-slot SAN Director Switch - versions 9.1.0 to 9.2.2
- HPE SN8600B 8-slot SAN Director Switch - versions 9.1.0 to 9.2.2
- HPE SN8700B 4-slot SAN Director Switch - versions 9.1.0 to 9.2.2
- HPE SN8700B 8-slot SAN Director Switch - versions 9.1.0 to 9.2.2
- HPE Storage Fibre Channel Switch B-series SN3700B - version 22
- HPE Superdome Flex 280 Server - versions prior to v2.00.12
- HPE Superdome Flex Server - versions prior to v4.10.18
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1011 | ServiceNow Security Advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.002]
details...
On 8th July 2025, ServiceNow published a security bulletin to address vulnerabilities in the ServiceNow Now Platform - multiple versions.
Review the ServiceNow security advisories and apply the necessary updates. | ServiceNow |
| 1012 | Citrix Security Advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.003]
details...
On 8th July 2025, Citrix published security advisories to address vulnerabilities in the following products:
- Current Release (CR): Citrix Virtual Apps and Desktops - versions prior to 2503
- Long Term Service Release (LTSR): Citrix Virtual Apps and Desktops - versions 2402 LTSR CU2 and prior
Review the following advisories and apply the necessary updates:
| Citrix |
| 1013 | GitLab Security Advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.004]
details...
On 9th July 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.1.2, 18.0.4 and 17.11.6
- GitLab Enterprise Edition (EE) - versions prior to 18.1.2, 18.0.4 and 17.11.6
Review the following advisories and apply the necessary updates:
| Gitlab |
| 1014 | Jenkins Security Advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.005]
details...
On 9th July 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
- Apica Loadtest Plugin - version 1.10 and prior
- Applitools Eyes Plugin - version 1.16.5 and prior
- Aqua Security Scanner Plugin - version 3.2.8 and prior
- Credentials Binding Plugin - version 687.v619cb_15e923f and prior
- Dead Man's Snitch Plugin - version 0.1 and prior
- Git Parameter Plugin - version 439.vb_0e46ca_14534 and prior
- HTML Publisher Plugin - version 425 and prior
- IBM Cloud DevOps Plugin - version 2.0.16 and prior
- IFTTT Build Notifier Plugin - version 1.2 and prior
- Kryptowire Plugin - version 0.2 and prior
- Nouvola DiveCloud Plugin - version 1.08 and prior
- QMetry Test Management Plugin - version 1.13 and prior
- ReadyAPI Functional Testing Plugin - version 1.11 and prior
- Sensedia Api Platform tools Plugin - version 1.0 and prior
- Statistics Gatherer Plugin - version 2.0.3 and prior
- Testsigma Test Plan run Plugin - version 1.6 and prior
- User1st uTester Plugin - version 1.1 and prior
- VAddy Plugin - version 1.2.8 and prior
- Warrior Framework Plugin - version 1.2 and prior
- Xooa Plugin - version 0.0.7 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 1015 | Palo Alto Networks Security Advisory. [Published Date: 2025-07-09]
[Id:2025.07.09.006]
details...
On 9th July 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- Autonomous Digital Experience Manager 5.6.0 macOS - versions prior to 5.6.7
- GlobalProtect App 6.3 macOS - versions prior to 6.3.3-h1 (6.3.3-c650)
- GlobalProtect App 6.2 macOS - versions prior to 6.2.8-h2 (6.2.8-c243)
- GlobalProtect App 6.2 Linux - versions prior to 6.2.8
- GlobalProtect App 6.1 macOS - all versions
- GlobalProtect App 6.1 Linux - all versions
- GlobalProtect App 6.0 macOS - all versions
- GlobalProtect App 6.0 Linux - all versions
- Prisma Access Browser - versions prior to 137.16.6.120
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 1016 | SAP security advisory - July 2025 monthly rollup. [Published Date: 2025-07-08]
[Id:2025.07.08.001]
details...
On 8th July 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver ABAP Server and ABAP - multiple versions
- SAP NetWeaver ABAP Server and ABAP Platform - multiple versions
- SAP NetWeaver Application Server for ABAP - multiple versions
- SAP NetWeaver Visual Composer - version VCBASE 7.50
- SAP Business Objects Business Intelligence Platform (CMC) - version ENTERPRISE 430, 2025
- SAP Business Warehouse and SAP Plug-In Basis - multiple versions
- SAP NetWeaver Enterprise Portal Federated Portal Administration - version EP-RUNTIME 7.50
- SAP NetWeaver Enterprise Portal Federated Portal Network - version EP-RUNTIME 7.50
- SAP NetWeaver SAP NetWeaver Application Server for Java (Log Viewer) - version LMNWABASICAPPS 7.50
- SAP NetWeaver (XML Data Archiving Service) - version J2EE-APPS 7.50
- SAP Supplier Relationship Management (Live Auction Cockpit) - version SRM_SERVER 7.14
- SAP S/4HANA and SAP SCM (Characteristic Propagation) - versions SCMAPO 713, 714, S4CORE 102, 103, 104, S4COREOP 105, 106, 107, 108, SCM 700, 701, 702 and 712
Review the SAP Security Patch Day - July 2025 and apply the necessary updates. | SAP |
| 1017 | Ivanti Security Advisory. [Published Date: 2025-07-08]
[Id:2025.07.08.002]
details...
On 8th July 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Connect Secure (ICS) - version 22.7R2.7 and prior
- Ivanti Endpoint Manager - version 2022 SU8 and prior
- Ivanti Endpoint Manager - version 2024 SU2 and prior
- Ivanti Endpoint Manager Mobile - version 12.5.0.1 and prior
- Ivanti Endpoint Manager Mobile - version 12.4.0.2 and prior
- Ivanti Endpoint Manager Mobile - version 12.3.0.2 and prior
- Ivanti Policy Secure (IPS) - version 22.7R1.4 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 1018 | Fortinet Security Advisory. [Published Date: 2025-07-08]
[Id:2025.07.08.003]
details...
On 8th July 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiAnalyzer - multiple versions
- FortiAnalyzer Cloud - multiple versions
- FortiIsolator - multiple versions
- FortiManager - multiple versions
- FortiManager Cloud - multiple versions
- FortiOS 7.6 - versions 7.6.0 to 7.6.1
- FortiOS 7.4 - versions 7.4.0 to 7.4.7
- FortiOS 7.2 - versions 7.2.0 to 7.2.11
- FortiOS 7.0 - versions 7.0.1 to 7.0.16
- FortiProxy 7.6 - versions 7.6.0 to 7.6.1
- FortiProxy 7.4 - versions 7.4.0 to 7.4.8
- FortiProxy 7.2 - versions 7.2.0 to 7.2.13
- FortiProxy 7.0 - versions 7.0.0 to 7.0.20
- FortiSandbox - multiple versions
- FortiVoice 6.4 - versions 6.4.0 to 6.4.10
- FortiVoice 7.0 - versions 7.0.0 to 7.0.6
- FortiVoice 7.2 - versions 7.2.0
- FortiWeb - multiple versions
Review the following advisories and apply the necessary updates:
| Fortinet |
| 1019 | Microsoft Security Advisory - July 2025 monthly rollup. [Published Date: 2025-07-08]
[Id:2025.07.08.004]
details...
On 8th July 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Microsoft 365 Apps - multiple versions and platforms
- Microsoft Office 2016 - multiple platforms
- Microsoft Office 2019 - multiple platforms
- Microsoft Office for Android
- Microsoft Office LTSC 2021 - multiple platforms
- Microsoft Office LTSC 2024 - multiple platforms
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft Word 2016 - multiple platforms
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server 2008 - multiple platforms
- Windows Server 2012 - multiple platforms
- Windows Server 2016 - multiple platforms
- Windows Server 2019 - multiple platforms
- Windows Server 2022 - multiple platforms
- Windows Server 2025 - multiple platforms
- Microsoft SQL Server - multiple platforms
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 1020 | Adobe Security Advisory. [Published Date: 2025-07-08]
[Id:2025.07.08.005]
details...
On 8th July 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe After Effects - version 24.6.6 and prior
- Adobe After Effects - version 245.2 and prior
- Adobe Audition - version 24.6.3 and prior
- Adobe Audition - version 25.2 and prior
- Adobe ColdFusion - multiple versions
- Adobe Connect Windows App - version 24 and prior
- Adobe Dimension - version 4.1.2 and prior
- Adobe Experience Manager (AEM) Forms on JEE - version 6.5.23.0 and prior
- Adobe Experience Manager (AEM) Screens - version AEM 6.5.22 Screens FP11.4
- Adobe FrameMaker - version FrameMaker 2020 Update 8 and prior
- Adobe FrameMaker - version FrameMaker 2022 Update 6 and prior
- Adobe Illustrator 2024 - version 28.7.6 and prior
- Adobe Illustrator 2025 - version 29.5.1 and prior
- Adobe InCopy - version 19.5.3 and prior
- Adobe InCopy - version 20.3 and prior
- Adobe InDesign - version ID20.3 and prior
- Adobe InDesign - version ID19.5.3 and prior
- Adobe Substance 3D Stager - version 3.1.2 and prior
- Adobe Substance 3D Viewer - version 0.22 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1021 | OpenSSL Security Advisory [Published Date: 2025-07-08]
[Id:2025.07.08.006]
details...
On 22nd May 2025, OpenSSL published a security bulletin to address vulnerabilities in the OpenSSL x509 application.
Review the OpenSSL Security News and apply the necessary updates. | Openssh |
| 1022 | HPE Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.001]
details...
On 2nd July 2025, HPE published a security advisory to address vulnerabilities in HPE Telco Service Orchestrator - versions prior to v5.3.3.
Review the HPE security bulletins and apply the necessary updates.
| HPE |
| 1023 | Ubuntu Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.002]
details...
Between 30th and 6th July 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1024 | IBM Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.003]
details...
Between 30th and 6th July 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1025 | Qualcomm Security Advisory - July 2025 monthly rollup. [Published Date: 2025-07-07]
[Id:2025.07.07.004]
details...
On 7th July 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 1026 | Red Hat Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.005]
details...
Between 30th June and 6th July 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1027 | Dell Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.006]
details...
Between 30th June and 6th July 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Apex Cloud Platform for Red Hat Openshift - versions prior to 03.01.03.00
- Dell Enterprise SONiC Distribution - versions prior to 4.5.0
- Dell Integrated System for Microsoft Azure Stack Hub 14G - versions prior to 2504
- Dell Integrated System for Microsoft Azure Stack Hub 16G - versions prior to 2504
- Dell ObjectScale 4.0.0.1 - versions prior to 4.0.0.1
- Dell Protection Advisor - versions 19.9 to 19.12
Review the following advisories and apply the necessary updates:
| Dell |
| 1028 | Splunk Security Advisory. [Published Date: 2025-07-07]
[Id:2025.07.07.007]
details...
On 7th July 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Cloud Platform - versions prior to 9.3.2411.103
- Splunk Cloud Platform - versions prior to 9.3.2408.113
- Splunk Cloud Platform - versions prior to 9.2.2406.119
- Splunk DB Connect - versions prior to 4.0.0
- Splunk Enterprise - versions 9.4.0 to 9.4.2
- Splunk Enterprise - versions 9.3.0 to 9.3.4
- Splunk Enterprise - versions 9.2.0 to 9.2.6
- Splunk Enterprise - versions 9.1.0 to 9.1.9
- Splunk Enterprise Cloud - versions prior to 9.3.2411.107
- Splunk Enterprise Cloud - versions prior to 9.3.2408.117
- Splunk Enterprise Cloud - versions prior to 9.2.2406.121
- splunk/universalforwarder - versions 9.4.0 to 9.4.2
- splunk/universalforwarder - versions 9.3.0 to 9.3.4
- splunk/universalforwarder - versions 9.2.0 to 9.2.6
- splunk/universalforwarder - versions 9.1.0 to 9.1.9
- Splunk SOAR - versions prior to 6.4.1
Review the Splunk Security Advisories and apply the necessary updates. | Splunk |
| 1029 | Trend Micro Security Advisory. [Published Date: 2025-07-05]
[Id:2025.07.05.001]
details...
On 1st July 2025, Trend Micro published security advisories to address vulnerabilities in Trend Micro Security for Windows versions prior to 17.8.1476.
Review the Trend Micro security bulletins and apply the necessary updates.
| Trendmicro |
| 1030 | VMware Security Advisory. [Published Date: 2025-07-05]
[Id:2025.07.05.002]
details...
On 4th June 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Tanzu Greenplum - version 7.5.0
- VMware Tanzu GemFire - version 9.15.16
- VMware Tanzu Greenplum - version 6.30.0
- VMware Tanzu for Valkey - version 8.1.2
- VMware Tanzu for Postgres on Kubernetes - version 4.2.1
Review the following advisories and apply the necessary updates:
| Vmware |
| 1031 | Microsoft Edge Security Advisory [Published Date: 2025-07-03]
[Id:2025.07.03.001]
details...
| Microsoft |
| 1032 | Citrix Security Advisory. [Published Date: 2025-07-03]
[Id:2025.07.03.002]
details...
On 2nd July 2025, Citrix published a security Advisory to address a vulnerability in XenServer 8.4
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1033 | Drupal Security Advisory. [Published Date: 2025-07-03]
[Id:2025.07.03.003]
details...
On 2nd July 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Config Pages Viewer - versions prior to 1.0.4
- Two-factor Authentication (TFA) - versions prior to 1.11.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 1034 | Google Chrome Security Advisory. [Published Date: 2025-07-02]
[Id:2025.07.02.001]
details...
On 30th June 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 138.0.7204.96/97 (Windows/Mac) and 138.0.7204.92 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1035 | Cisco Security Advisory. [Published Date: 2025-07-02]
[Id:2025.07.02.002]
details...
On 2nd July 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco BroadWorks Application Delivery Platform - versions prior to RI.2025.05
- Cisco Enterprise Chat and Email - version 11 and versions prior to 12.6(1)_ES11
- Cisco Spaces Connector - versions prior to Connector 3-Jun 2025
- Cisco Unified Communications Manager - versions 15.0.1.13010-1 to 15.0.1.13017-1
- Cisco Unified Communications Manager Session Management Edition Engineering Special (ES) - versions 15.0.1.13010-1 to 15.0.1.13017-1
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 1036 | Ubuntu Security Advisory. [Published Date: 2025-07-01]
[Id:2025.07.01.001]
details...
Between 23rd and 29th June 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 1037 | IBM Security Advisory. [Published Date: 2025-07-01]
[Id:2025.07.01.002]
details...
Between 23rd and 30th June 2025, IBM published security advisories to address vulnerabilities in multiple products.
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1038 | MongoDB Security Advisory. [Published Date: 2025-06-29]
[Id:2025.06.29.001]
details...
On 27th June 2025, MongoDB published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- MongoDB Server v6.0 - versions prior to 6.0.21
- MongoDB Server v7.0 - versions prior to 7.0.17
- MongoDB Server v8.0 - versions prior to 8.0.5
Review the MongoDB security bulletins and apply the necessary updates. | MongoDB |
| 1039 | Brother Products Security Advisory. [Published Date: 2025-06-29]
[Id:2025.06.29.002]
details...
On 25th June 2025, Brother published a security update to address vulnerabilities in multiple products (including laser printers).
Review the Japan CIRT or Brother Security advisories and apply the necessary updates. | Brother Products |
| 1040 | Microsoft Edge Security Advisory [Published Date: 2025-06-27]
[Id:2025.06.27.001]
details...
| Microsoft |
| 1041 | HPE Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.001]
details...
Between 23rd June and 24th June 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE Telco Unified OSS Console - version prior to v3.1.16
- HPE OneView for VMware vCenter with Operations Manager and Log Insight - versions prior to v11.7
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 1042 | Mozilla Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.002]
details...
On 24th June 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox ESR - versions prior to 128.12
- Firefox ESR - versions prior to 115.25
- Firefox - versions prior to 140
Review the following advisories and apply the necessary updates:
| Mozilla |
| 1043 | Google Chrome Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.003]
details...
On 24th June 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 138.0.7204.49/50 (Windows/Mac) and 138.0.7204.50 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1044 | GitLab Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.004]
details...
On 25th June 2025, GitLab published a security advisory to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.1.1, 18.0.3 and 17.11.5
- GitLab Enterprise Edition (EE) - versions prior to 18.1.1, 18.0.3 and 17.11.5
Review the following advisories and apply the necessary updates:
| Gitlab |
| 1045 | Splunk Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.005]
details...
On 23rd June 2025, Splunk published a security update to address vulnerabilities in the following products.
- splunk/splunk - version 9.4.1
- splunk/splunk - versions 9.3.0 to 9.3.3
- splunk/splunk - versions 9.2.0 to 9.2.5
- splunk/splunk - versions 9.1.0 to 9.1.8
- splunk/universalforwarder - version 9.4.1
- splunk/universalforwarder - versions 9.3.0 to 9.3.3
- splunk/universalforwarder - versions 9.2.0 to 9.2.5
- splunk/universalforwarder - versions 9.1.0 to 9.1.8
- Splunk Operator for Kubernetes - versions prior to 2.8.0
- Splunk AppDynamics Smart Agent - versions prior to 25.5.1
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 1046 | TeamViewer Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.006]
details...
| Teamviewer |
| 1047 | Trend Micro Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.007]
details...
On 20th June 2025, Trend Micro published security advisories to address vulnerabilities in Trend Micro Password Manager - versions prior to 5.8.0.1327.
Review the Trend Micro security bulletins and apply the necessary updates. | Trendmicro |
| 1048 | Citrix Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.008]
details...
On 25th June 2025, Citrix published security advisories to address vulnerabilities in the following products:
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 14.1-47.46
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 13.1-59.19
- NetScaler ADC 13.1-FIPS and NDcPP - versions prior to 13.1-37.236-FIPS and NDcPP
Review the following advisories and apply the necessary updates:
| Citrix |
| 1049 | Cisco Security Advisory. [Published Date: 2025-06-25]
[Id:2025.06.25.009]
details...
On 25th June 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco ISE and ISE-PIC - versions prior to 3.3
- Cisco ISE and ISE-PIC - versions prior to 3.4
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 1050 | Dell Security Advisory. [Published Date: 2025-06-24]
[Id:2025.06.24.001]
details...
Between 16th June and 22nd June 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Connectrix B-Series - versions 9.0.0 to 9.2.2
- Dell Connectrix B-Series - versions prior to 2.4.0
- Dell Connectrix B-Series - versions prior to 9.2.2
- Dell Container Storage Modules - versions prior to 1.14
- Dell EMC XC Core XC7525 - versions prior to 2.14.1
- Dell Policy Manager for Secure Connect Gateway - versions prior to 5.28.00.14
- Dell PowerEdge C6525 - versions prior to 2.14.1
- Dell PowerEdge R6515 - versions prior to 2.14.1
- Dell PowerEdge R6525 - versions prior to 2.14.1
- Dell PowerEdge R7515 - versions prior to 2.14.1
- Dell PowerEdge R7525 - versions prior to 2.14.1
- Dell PowerEdge XE8545 - versions prior to 2.14.1
- Dell PowerFlex Custom Node - versions prior to 1.11.2
- Dell PowerFlex Custom Node - versions prior to 1.16.2
- Dell PowerFlex Custom Node - versions prior to 2.18.1
- Dell PowerFlex Custom Node - versions prior to 2.5.4
- Dell VxFlex Ready Node - versions prior to 2.23.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1051 | GitHub Security Advisory. [Published Date: 2025-06-24]
[Id:2025.06.24.002]
details...
On 18th June 2025, GitHub published a security advisory to address a critical vulnerability in the following products:
- GitHub Enterprise Server - versions 3.17.x prior to 3.17.1
- GitHub Enterprise Server - versions 3.16.x prior to 3.16.4
- GitHub Enterprise Server - versions 3.15.x prior to 3.15.8
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.13
- GitHub Enterprise Server - versions 3.13.x prior to 3.13.16
Review the following advisories and apply the necessary updates:
| Github |
| 1052 | Dell Security Advisory. [Published Date: 2025-06-24]
[Id:2025.06.24.003]
details...
Between 23rd June and 29th June 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- iDRAC10 - versions prior to 1.20.50.50
- NetWorker - versions 19.12 to 19.12.0.1 and versions prior to 19.11.0.5
- Dell Open Manage Network Integration - versions prior to 3.7
- Dell PowerMax EEM 5978 - versions prior to 5978.714.714.10730
- Dell PowerMax EEM 10.2.0.1 - versions prior to 10.2.01 Patch 10732
- Dell PowerMaxOS 5978 - versions prior to 5978.714.714.10730
- Dell PowerMax OS 10.2.0.1 - versions prior to 10.2.0.1 Patch 10732
- PowerProtect Cyber Recovery - versions prior to 19.20
- Dell Secure Connect Gateway - Appliance -versions prior to 5.30.0.14
- Solutions Enabler - versions prior to 9.2.4.11 and versions prior to 10.2.0.5
- Dell Storage Monitoring and Reporting - versions prior to 5.1.1.0
- Dell Storage Resource Manager (SRM) - versions prior to 5.1.1.0
- Unisphere for PowerMax - versions prior to 9.2.4.17 and versions prior to 10.2.0.12
- Unisphere 360 - versions prior to 9.2.4.37
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 1053 | IBM Security Advisory. [Published Date: 2025-06-23]
[Id:2025.06.23.001]
details...
Between 16th and 22nd June 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Cloud Pak for Data - versions 3.5 and 4.5
- IBM Cloud Pak for Data - versions 4.8.0 to 4.8.9, 5.0.0 to 5.0.3 and 5.1.0 to 5.1.3
- IBM Cloudera Data Platform Private Cloud Base with IBM (CDP) - versions 7.1.7 SP3 and 7.1.9 SP1
- IBM Cloudera Data Platform Private Cloud Data Services with IBM - versions 1.5.3 and 1.5.4
- IBM Cloudera Data Platform Streaming with IBM - versions 7.1.7 SP3 and 7.1.9 SP1
- IBM Cloudera Data Platform Streams Messaging Base with IBM Version - versions 7.1.7 SP3 and 7.1.9 SP1
- IBM Data Virtualization on Cloud Pak for Data - versions 3.1.0 to 3.1.2
- IBM Data Virtualization on Cloud Pak for Data - versions 1.7.0 to 1.7.8
- IBM Data Virtualization on Cloud Pak for Data - versions 1.8.0 to 1.8.3
- IBM Data Virtualization on Cloud Pak for Data - versions 3.0.0 to 3.0.3
- IBM Edge Data Collector - version 9.0.9
- IBM Event Processing - versions 1.0.0 to 1.3.2
- IBM Fusion HCI for watsonx - versions 2.8.2 to 2.9.0
- IBM Fusion HCI - versions 2.2.0 to 2.9.0
- IBM Fusion - versions 2.2.0 to 2.9.1
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP12 IF01
- IBM Storage Fusion Data Foundation - version 4.18.4
- IBM Watson Query on Cloud Pak for Data - versions 2.0.0 to 2.0.4
- IBM Watson Query on Cloud Pak for Data - versions 2.1.0 to 2.1.3
- IBM Watson Query on Cloud Pak for Data - versions 2.2.0 to 2.2.8
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.1.3
- IBM watsonx Code Assistant On Prem - versions 5.0 to 5.1.2
- IBM watsonx.data - version 2.1.3
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1054 | Ubuntu Security Advisory. [Published Date: 2025-06-23]
[Id:2025.06.23.002]
details...
Between 16th and 22nd June 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1055 | Fortinet Security Advisory. [Published Date: 2025-06-23]
[Id:2025.06.23.003]
details...
On 23rd June 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiOS 7.4 - versions 7.4.0 to 7.4.3
- FortiOS 7.2 - versions 7.2.0 to 7.2.7
- FortiOS 7.0 - versions 7.0.0 to 7.0.14
- FortiOS 6.4 - all versions
- FortiOS 6.2 - all versions
- FortiOS 6.0 - all versions
- FortiPAM 1.2 - all versions
- FortiPAM 1.1 - all versions
- FortiPAM 1.0 - all versions
- FortiProxy 7.4 - versions 7.4.0 to 7.4.3
- FortiProxy 7.2 - versions 7.2.0 to 7.2.9
- FortiProxy 7.0 - versions 7.0.0 to 7.0.16
- FortiProxy 2.0 - all versions
- FortiProxy 1.2 - all versions
- FortiProxy 1.1 - all versions
- FortiProxy 1.0 - all versions
- FortiSwitchManager 7.2 - versions 7.2.0 to 7.2.3
- FortiSwitchManager 7.0 - versions 7.0.1 to 7.0.3
Review the following advisories and apply the necessary updates:
| Fortinet |
| 1056 | Microsoft Edge Security Advisory [Published Date: 2025-06-22]
[Id:2025.06.22.001]
details...
| Microsoft |
| 1057 | Atlassian Security Advisory. [Published Date: 2025-06-19]
[Id:2025.06.19.001]
details...
On 17th June 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Bulletin - 17th June 2025 and Security Advisory and apply the necessary update. | Atlassian |
| 1058 | Cisco Security Advisory. [Published Date: 2025-06-19]
[Id:2025.06.19.002]
details...
On 18th June 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway - multiple models
- Secure Endpoint Connector for Linux - versions prior to 1.26.1
- Secure Endpoint Connector for Mac - versions prior to 1.26.1
- Secure Endpoint Connector for Windows - versions prior to 7.5.21 and 8.4.5
- Secure Endpoint Private Cloud - versions prior to 4.2.2
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 1059 | Citrix Security Advisory. [Published Date: 2025-06-18]
[Id:2025.06.18.001]
details...
On 17th June 2025, Citrix published security advisories to address vulnerabilities in the following products:
- Citrix Secure Access Client for Windows - versions prior to 25.5.1.15
- NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 14.1-43.56
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 13.1-58.32
- NetScaler ADC 13.1-FIPS and NDcPP - versions prior to 13.1-37.235-FIPS and NDcPP
- NetScaler ADC 12.1-FIPS - versions prior to 12.1-55.328-FIPS
- NetScaler Console 14.1 - versions prior to 14.1.47.46
- NetScaler Console 13.1 - versions prior to 13.1.58.32
- NetScaler SDX (SVM) 14.1 - versions prior to 14.1.47.46
- NetScaler SDX (SVM) 13.1 - versions prior to 13.1.58.32
Review the following advisories and apply the necessary updates:
| Citrix |
| 1060 | BeyondTrust Security Advisory. [Published Date: 2025-06-18]
[Id:2025.06.18.002]
details...
On 16th June 2025. BeyondTrust published a security advisory to address vulnerabilities in the following products:
- Remote Support - version 24.2.2 to 24.2.4, 24.3.1 to 24.3.3, and 25.1.1
- Privileged Remote Access - version 24.2.2 to 24.2.4, 24.3.1 to 24.3.3, and 25.1.1
Review the following advisories and apply the necessary updates:
| Beyondtrust |
| 1061 | Veeam Security Advisory. [Published Date: 2025-06-18]
[Id:2025.06.18.003]
details...
On 17th June 2025, Veeam published security advisories to address vulnerabilities in the following products:
- Veeam Backup & Replication - version 12.3.1.1139 and prior
- Veeam Agent for Microsoft Windows - version 6.3.1.1074 and prior
Review the following advisories and apply the necessary updates:
| Veeam |
| 1062 | Apache Tomcat Security Advisory. [Published Date: 2025-06-18]
[Id:2025.06.18.004]
details...
On 16th June 2025, Apache published a security advisory to address vulnerabilities in the following products:
- Apache Tomcat - versions 11.0.0-M1 to 11.0.7
- Apache Tomcat - versions 10.1.0-M1 to 10.1.41
- Apache Tomcat - versions 9.0.0.M1 to 9.0.105
Review the provided Apache Security Advisory and apply the necessary updates. | Apache |
| 1063 | Red Hat Security Advisory. [Published Date: 2025-06-17]
[Id:2025.06.17.001]
details...
Between June 9th and 15th, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1064 | IBM Security Advisory. [Published Date: 2025-06-17]
[Id:2025.06.17.002]
details...
Between 9th and 15th June 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- API Connect - version V10.0.5.0 to V10.0.5.9
- API Connect - version V10.0.8.0 to V10.0.8.2-iFix1
- IBM DataPower Gateway 10.6CD - versions 10.6.1.0 to 10.6.3.0
- IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - multiple versions
- IBM MQ Operator - multiple versions
- IBM Robotic Process Automation - version 21.0.0 to 21.0.7.20 and version 23.0.0 to 23.0.20.1
- IBM Robotic Process Automation for Cloud Pak - version 21.0.0 to 21.0.7.20 and version 23.0.0 to 23.0.20.1
- IBM Security QRadar EDR - version 3.12
- IBM supplied MQ Advanced container images - multiple versions
- PowerVC - version 2.2.0, 2.2.1, 2.2.1.1, 2.2.1.2 and 2.3.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1065 | Dell Security Advisory. [Published Date: 2025-06-17]
[Id:2025.06.17.003]
details...
Between 9th and 15th June 2025, Dell published security advisories to address vulnerabilities in the Dell iDRAC Tools - versions prior to 11.3.0.0.
Review the following advisories and apply the necessary updates:
| Dell |
| 1066 | Google Chrome Security Advisory. [Published Date: 2025-06-17]
[Id:2025.06.17.004]
details...
On 17th June 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 137.0.7151.119/.120 (Windows/Mac) and 137.0.7151.119 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1067 | GitLab Security Advisory. [Published Date: 2025-06-13]
[Id:2025.06.13.001]
details...
On 11th June 2025, GitLab published security advisories to address vulnerabilities in the following products:
- GitLab Community Edition (CE) - versions prior to 18.0.2, 17.11.4, and 17.10.8
- GitLab Enterprise Edition (EE) - versions prior to 18.0.2, 17.11.4, and 17.10.8
Review the following advisories and apply the necessary updates:
| Gitlab |
| 1068 | Trend Micro Security Advisory. [Published Date: 2025-06-13]
[Id:2025.06.13.002]
details...
On 9th June 2025, Trend Micro published security advisories to address vulnerabilities in Trend Micro Apex One.
Review the Trend Micro security bulletins and apply the necessary updates. | Trendmicro |
| 1069 | Situational Alert on recent Cyber Threats. [Published Date: 2025-06-13]
[Id:2025.06.13.003]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 1070 | Apache Security Advisory. [Published Date: 2025-06-12]
[Id:2025.06.12.001]
details...
On 18th April and 10th June, Apache published security advisories to address vulnerabilities in the following products:
- Apache CloudStack - versions 4.0.0 to 4.20.0.0 and versions 4.0.0 to 4.19.2.0
- Apache ActiveMQ NMS OpenWire Client - versions prior to 2.1.
Review the following advisories and apply the necessary updates:
| Apache |
| 1071 | Palo Alto Networks Security Advisory. [Published Date: 2025-06-12]
[Id:2025.06.12.002]
details...
On 11th June 2025, Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:
- GlobalProtect App 6.3 macOS - versions prior to 6.3.3
- GlobalProtect App 6.2 macOS - versions prior to 6.2.8-h2
- GlobalProtect App 6.1 macOS - all versions
- GlobalProtect App 6.0 macOS - all versions
- PAN-OS 11.2 - versions prior to 11.2.6
- PAN-OS 11.1 - versions prior to 11.1.10
- PAN-OS 11.0 - versions prior to 11.0.3
- PAN-OS 10.2 - versions prior to 10.2.14
- PAN-OS 10.1 - all versions
- Prisma Access Browser - versions prior to 136.24.1.93
Review the following advisories and apply the necessary updates:
| Palo Alto Networks |
| 1072 | Red Hat Security Advisory. [Published Date: 2025-06-11]
[Id:2025.06.11.001]
details...
Between June 2nd and June 8th, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1073 | Mozilla Security Advisory. [Published Date: 2025-06-10]
[Id:2025.06.10.001]
details...
On 10th June 2025, Mozilla published security advisory to address vulnerabilities in Firefox - versions prior to 139.0.4.
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1074 | SAP security advisory - June 2025 monthly rollup. [Published Date: 2025-06-10]
[Id:2025.06.10.002]
details...
On 10th June 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP NetWeaver Application Server for ABAP - versions KERNEL 7.89, 7.93, 9.14 and 9.15
- SAP GRC (AC Plugin) - versions GRCPINW V1100_700 and V1100_731
- SAP Business Warehouse and SAP Plug-In Basis - versions PI_BASIS 2006_1_700, 701, 702, 731, 740, SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, 758, 914 and 915
- SAP BusinessObjects Business Intelligence (BI Workspace) - versions ENTERPRISE 430, 2025 and 2027
- SAP NetWeaver Visual Composer - version VCBASE 7.50
- SAP MDM Server - versions MDM_SERVER 710.750
Review the SAP Security Patch Day – June 2025 and apply the necessary updates. | SAP |
| 1075 | HPE Security Advisory. [Published Date: 2025-06-10]
[Id:2025.06.10.003]
details...
On 10th June 2025, HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Private 5G Core - versions 1.24.1.0 to 1.25.1.0.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1076 | Microsoft Security Advisory - June 2025 Monthly Rollup. [Published Date: 2025-06-10]
[Id:2025.06.10.004]
details...
On 10th June 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Windows Storage Management Provider
- Windows Cryptographic Services
- .NET and Visual Studio
- Windows Remote Desktop Services
- Windows Win32K - GRFX
- Windows Common Log File System Driver
- Windows Installer
- Remote Desktop Client
- Windows Media
- Windows SMB
- Windows Recovery Driver
- Windows Storage Port Driver
- Windows Local Security Authority Subsystem Service (LSASS)
- Windows DHCP Server
- Windows DWM Core Library
- WebDAV
- Microsoft Local Security Authority Server (lsasrv)
- Windows Local Security Authority (LSA)
- Windows Routing and Remote Access Service (RRAS)
- Windows Kernel
- Windows Standards-Based Storage Management Service
- App Control for Business (WDAC)
- Windows Netlogon
- Windows KDC Proxy Service (KPSSVC)
- Windows Shell
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Office Excel
- Microsoft Office Word
- Microsoft Office Outlook
- Microsoft Office PowerPoint
- Windows Remote Access Connection Manager
- Windows Security App
- Visual Studio
- Windows SDK
- Power Automate
- Microsoft AutoUpdate (MAU)
- Windows Hello
- Nuance Digital Engagement Platform
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 1077 | Adobe Security Advisory. [Published Date: 2025-06-10]
[Id:2025.06.10.005]
details...
On 10th June 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Acrobat DC - version 25.001.20521 and prior
- Acrobat Reader DC - version 25.001.20521 and prior
- Acrobat 2024 - version 24.001.30235 and prior
- Acrobat 2020 - version 20.005.30763 and prior
- Acrobat Reader 2020 - version 20.005.30763 and prior
- Adobe Commerce and Commerce B2B - multiple versions
- Adobe Experience Manager (AEM) - version 6.5.22 and prior
- Adobe InCopy - version 20.2 and prior, and version 19.53 and prior
- Adobe InDesign - version ID20.2 and prior, and version ID19.5.3 and prior
- Adobe Substance 3D Painter - version 11.0.1 and prior
- Adobe Substance 3D Sampler - version 5.0 and prior
- Magento Open Source - multiple versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1078 | Google Chrome Security Advisory. [Published Date: 2025-06-10]
[Id:2025.06.10.006]
details...
On 10th June 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 137.0.7151.103/.104 (Windows/Mac) and 137.0.7151.103 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1079 | Ubuntu Security Advisory. [Published Date: 2025-06-09]
[Id:2025.06.09.001]
details...
Between 2nd June and 8th June 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 1080 | IBM Security Advisory. [Published Date: 2025-06-09]
[Id:2025.06.09.002]
details...
Between 2nd June to 8th June 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- GDSC Platform On-prem - version 3.7.1
- IBM Concert Software - versions 1.0.0 to 1.0.5
- IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
- IBM Security Verify Governance - version 10.0.2
- IBM Security Verify Governance - Identity Manager Virtual Appliance – version 10.0.2
- Maximo AI Service - version 9.0.5
- QRadar Suite Software - versions 1.10.12.0 to 1.11.2.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1081 | Dell Security Advisory. [Published Date: 2025-06-09]
[Id:2025.06.09.003]
details...
Between 2nd June and 8th June 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell SD-WAN EDGE610/610-LTE - versions prior to 2.6
- Dell SD-WAN EDGE620/640/680 - versions prior to 2.6
- Dell SmartFabric Manager - versions prior to 1.3.0
- PowerSwitch E3200-ON Series - versions prior to 3.57.5.1-5
- PowerSwitch N2200 Series - versions prior to 3.45.5.1-31
- PowerSwitch N3200-ON Series - versions prior to 45.5.1-31
- PowerSwitch S5448F-ON - versions prior to 3.52.5.1-12
- PowerSwitch Z9432F-ON - versions prior to 3.51.5.1-21
- PowerSwitch Z9264F-ON - versions prior to 3.42.5.1-21
- VEP1400 (VEP1425/1445/1485) - versions prior to 2.6
Review the following advisories and apply the necessary updates:
| Dell |
| 1082 | Ubuntu Security Advisory. [Published Date: 2025-06-09]
[Id:2025.06.09.004]
details...
Between 9th and 15th June 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1083 | Updated Guidance on Play Ransomware. [Published Date: 2025-06-07]
[Id:2025.06.07.001]
details...
On 4th June 2025. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) have issued an updated advisory on Play Ransomware, also known as Playcrypt. This advisory highlights new tactics, techniques, and procedures used by the Play ransomware group and provides updated indicators of compromise (IOCs) to enhance threat detection.
Since June 2022, Playcrypt has targeted diverse businesses and critical infrastructure across North America, South America, and Europe, becoming one of the most active ransomware groups in 2024. As of May 2025, the FBI has identified approximately 900 entities allegedly exploited by these ransomware actors.
Review and implement the recommendations provided in the joint CSA to reduce the likelihood and impact of Play and other ransomware incidents. | CISA |
| 1084 | HPE Security Advisory. [Published Date: 2025-06-06]
[Id:2025.06.06.001]
details...
On 4th June 2025, HPE published a security advisory to address vulnerabilities in HPE Insight Remote Support - versions prior to 7.15.0.646.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1085 | Jenkins Security Advisory. [Published Date: 2025-06-06]
[Id:2025.06.06.002]
details...
On 6th June 2025, Jenkins published a security advisory to address vulnerabilities in Gatling Plugin - version 136.vb_9009b_3d33a_e and prior.
Review the Jenkins Security Advisory and apply the necessary updates. | Jenkins |
| 1086 | Android security advisory - June 2025 Monthly Rollup. [Published Date: 2025-06-06]
[Id:2025.06.06.003]
details...
On 2nd June 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1087 | VMware Security Advisory. [Published Date: 2025-06-05]
[Id:2025.06.05.001]
details...
On 4th June 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Cloud Foundation - versions 5.0.x, 5.1.x and 5.2.x
- VMware NSX - versions 4.0.x, 4.1.x, 4.2.1.x and 4.2.x
- VMware Telco Cloud Infrastructure - versions 2.x and 3.x
- VMware Telco Cloud Platform - versions 3.x, 4.x and 5.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 1088 | Situational Awareness for Eid-ul-Adha Holidays. [Published Date: 2025-06-04]
[Id:2025.06.04.004]
details...
| BDNCIRT |
| 1089 | HPE Security Advisory. [Published Date: 2025-06-04]
[Id:2025.06.04.001]
details...
On 3rd June 2025 HPE published a security advisory to address vulnerabilities in HPE Telco Service Orchestrator - versions prior to v5.3.2.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1090 | Microsoft Edge Security Advisory [Published Date: 2025-06-04]
[Id:2025.06.04.002]
details...
| Microsoft |
| 1091 | Cisco Security Advisory. [Published Date: 2025-06-04]
[Id:2025.06.04.003]
details...
On 4th June 2025, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Cisco Identity Services Engine on Cloud Platforms (AWS) - versions 3.1, 3.2, 3.3 and 3.4
- Cisco Identity Services Engine on Cloud Platforms (Azure) - versions 3.2, 3.3 and 3.4
- Cisco Identity Services Engine on Cloud Platforms (OCI) - versions 3.2, 3.3 and 3.4
- Cisco Integrated Management Controller - UCS B-Series Blade Servers
- Cisco Integrated Management Controller - UCS C-Series Rack Servers
- Cisco Integrated Management Controller - UCS S-Series Storage Servers
- Cisco Integrated Management Controller - UCS X-Series Modular System
- Cisco Nexus Dashboard Fabric Controller (NDFC) - versions prior to 3.2(2f)
Review the following Cisco Security Advisory and apply the necessary updates
| Cisco |
| 1092 | SolarWinds Security Advisory. [Published Date: 2025-06-03]
[Id:2025.06.03.001]
details...
On 2nd June 2025, SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Platform – version 12.3.1.20 and prior.
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1093 | Splunk Security Advisory. [Published Date: 2025-06-03]
[Id:2025.06.03.002]
details...
On 2nd June 2025, Splunk published a security update to address vulnerabilities in the following products.
- Splunk Enterprise - versions prior to 9.4.2, 9.3.4, 9.2.6 and 9.1.9
- Splunk Universal Forwarder - versions prior to 9.4.2, 9.3.4, 9.2.6 and 9.1.9
- Splunk Universal Forwarder for Windows - versions prior to 9.4.2, 9.3.4, 9.2.6 and 9.1.9
Review the following Splunk Security Advisory and apply the necessary updates:
| Splunk |
| 1094 | Google Chrome Security Advisory. [Published Date: 2025-06-03]
[Id:2025.06.03.003]
details...
On 02nd June 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 137.0.7151.68/.69 (Windows/Mac) and 137.0.7151.68 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1095 | Qualcomm Security Advisory - June 2025 monthly rollup. [Published Date: 2025-06-03]
[Id:2025.06.03.004]
details...
On 2nd June 2025, Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 1096 | Red Hat Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.001]
details...
Between 26th May and 1st June 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Power LE - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1097 | Dell Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.002]
details...
Between 26th May and 1st June 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.03.01.00
- Dell Avamar - multiple versions and products
- Dell Connectrix SANnav - versions prior to 2.3.1a
- Dell NetWorker Runtime Environment (NRE) - version 8.0.24
- Dell NetWorker Virtual Edition (NVE) - multiple versions
- Dell PowerProtect DP Series Appliance (IDPA) - versions prior to 2.7.8
- Dell ThinOS - multiple versions
- Dell VxRail Appliance - versions 7.0.000 to 7.0.541
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 1098 | IBM Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.003]
details...
Between 26th May and 1st June 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Astronomer with IBM - version 0.36.1
- IBM DataStage on Cloud Pak for Data - versions 8.9 and 5.1.3
- IBM® Db2® - version 1.0 to 11.1.4.7, 11.5.0 to 11.5.9 and 12.1.0 to 12.1.1
- IBM DS8900F and DS8A00 - multiple products and versions
- IBM Guardium Data Protection - version 0
- IBM InfoSphere Information Server - version 7
- IBM Maximo Application Suite - Monitor Component - multiple versions
- IBM Observability with Instana (OnPrem) - Build 1.0.292 to 1.0.295
- IBM Process Mining - version 0.1
- IBM Rapid Infrastructure Automation - multiple versions
- IBM Guardium Data Protection - version 0
- IBM SPSS Collaboration and Deployment Services - version 5
- IBM Tivoli Monitoring - versions 6.3.0.7 to 6.3.0.7 Service Pack 19
- IBM Watson Discovery Cartridge ICP - Discovery - version 0.0 to 5.0.3
- IBM Watson Knowledge Catalog on-prem - Discovery - versions 8.6 and 4.8.7
- IBM Watson Knowledge Catalog on-prem - Discovery - versions 0.2, 5.0.3 and 5.1
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1099 | Roundcube Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.004]
details...
On 1st June 2025, Roundcube published security advisories to address vulnerabilities in the following products:
- Webmail - versions prior to 1.5.10
- Webmail - versions prior to 1.6.11
Review the following advisories and apply the necessary updates:
| Roundcube |
| 1100 | HPE Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.005]
details...
Between 30th May and 2nd June 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE StoreOnce Software – versions prior to 4.3.11
- HPE OneView – versions prior to v10.00
Review the following HPE Security Advisory and apply the necessary updates:
| HPE |
| 1101 | Ubuntu Security Advisory. [Published Date: 2025-06-02]
[Id:2025.06.02.006]
details...
Between 26th May and 1st June 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1102 | Microsoft Edge Security Advisory. [Published Date: 2025-05-30]
[Id:2025.05.30.001]
details...
| Microsoft |
| 1103 | Mozilla Security Advisory. [Published Date: 2025-05-27]
[Id:2025.05.27.001]
details...
On 27th May 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox ESR - versions prior to 128.11
- Firefox ESR - versions prior to 115.24
- Firefox - versions prior to 139
Review the following advisories and apply the necessary updates:
| Mozilla |
| 1104 | Citrix Security Advisory. [Published Date: 2025-05-27]
[Id:2025.05.27.002]
details...
On 27th May 2025 Citrix published a security Advisory to address a vulnerability in XenServer VM Tools for Windows - versions prior to 9.4.1.
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1105 | Google Chrome Security Advisory. [Published Date: 2025-05-27]
[Id:2025.05.27.003]
details...
On 27th May 2025, Google released security updates to address multiple vulnerabilities affecting Stable Channel Chrome for Desktop - versions prior to 137.0.7151.55/56 (Windows/Mac) and 137.0.7151.55 (Linux).
Review the Google security bulletins and apply the necessary updates. | Google |
| 1106 | Ubuntu Security Advisory [Published Date: 2025-05-26]
[Id:2025.05.26.001]
details...
Between 19th and 25th May 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
Ubuntu 18.04 LTS
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1107 | IBM Security Advisory. [Published Date: 2025-05-26]
[Id:2025.05.26.002]
details...
Between 19th and 25th May 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Integrated Analytics System - versions 1.0.0.0 to 1.0.30.0
- IBM Integration Bus - versions 10.1.0.0 to 10.1.0.5
- IBM MANTA Automated Data Lineage for IBM Cloud Pak for Data - versions 5.0 to 5.1.2
- IBM Maximo AI Service - version 9.0.5
- IBM Security QRadar EDR - version 3.12
- IBM watsonx Assistant Cartridge - versions 4.0 to 5.1.2
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component - versions 5.0 to 5.1.2
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1108 | Dell Security Advisory. [Published Date: 2025-05-26]
[Id:2025.05.26.003]
details...
Between 19th and 25th May 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Networking OS10 - versions prior to 10.5.6.9
- CloudBoost Virtual Appliance - versions prior to 19.12.0.1
Review the following advisories and apply the necessary updates:
| Dell |
| 1109 | Red Hat Security Advisory. [Published Date: 2025-05-26]
[Id:2025.05.26.004]
details...
Between 19th and 25th May 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for IBM - multiple versions and platforms
- Red Hat Enterprise Linux for Power - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates:
| Red Hat |
| 1110 | HPE Security Advisory. [Published Date: 2025-05-22]
[Id:2025.05.22.001]
details...
On 22nd May 2025, HPE published a security advisory to address vulnerabilities in the following products:
- HPE NonStop SSL (T0910) - multiple versions
- HPE MR-WIN6530 (T0819) - multiple versions
- HPE NonStop SSH Server (T0801) - multiple versions
Review the HPE security bulletins and apply the necessary updates.
| HPE |
| 1111 | GitLab Security Advisory. [Published Date: 2025-05-21]
[Id:2025.05.21.001]
details...
On 21st May 2025, GitHub published a security advisory to address a critical vulnerability in the following products:
- GitLab Community Edition (CE) - versions prior to 18.0.1, 17.11.3 and 17.10.7
- GitLab Enterprise Edition (EE) - versions prior to 18.0.1, 17.11.3 and 17.10.7
Review the provided GitLab Patch Release: 18.0.1, 17.11.3, 17.10.7, and perform the suggested mitigations. | Gitlab |
| 1112 | Cisco Security Advisory. [Published Date: 2025-05-21]
[Id:2025.05.21.002]
details...
On 21st May 2025, Cisco published a security advisory to address a vulnerability in the Cisco Identity Services Engine (ISE) - version 3.4.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1113 | Ubuntu Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20.001]
details...
Between 12th to 18th May 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1114 | Red Hat Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..002]
details...
Between 12th to 18th May 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1115 | IBM Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..003]
details...
Between 12th to 18th May 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Astronomer with IBM - version 0.36.1
- IBM ApplinX - version 11.1
- IBM Business Automation Workflow Enterprise Service Bus - multiple versions
- IBM Business Automation Workflow traditional - multiple versions
- IBM Event Streams - version 11.3.0 to 11.6.1
- IBM Storage Copy Data Management - version 2.2.0.0 to 2.2.25.0
- IBM watsonx Assistant for IBM Cloud Pak for Data - version 4.0.0 to 4.8.7
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1116 | Dell Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..004]
details...
Between 12th to 18th May 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.04.01.00
- RecoverPoint for Virtual Machines - versions 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2 and 6.0. SP2
- Dell EMC Networking VEP1425/1445/1485 - versions prior to 2.6
- Dell SD-WAN EDGE620/640/680 - versions prior to 3.50.0.9-21
- Dell SD-WAN EDGE610/610-LTE - versions prior to 3.43.0.9-24
- PowerFlex Appliance IC - versions prior to IC-38.367.01
- PowerSwitch Z9664F-ON - versions prior to 3.54.5.1-9
- PowerSwitch Z9432F-ON - versions prior to 3.51.5.1-21
- PowerSwitch Z9264F-ON - versions prior to 3.42.5.1-21
- PowerSwitch S5448F-ON - versions prior to 3.52.5.1-12
- PowerSwitch E3200-ON Series - versions prior to 3.57.5.1-5
- PowerSwitch N2200-ON Series - versions prior to 3.45.5.1-31
- PowerSwitch N3200-ON Series - versions prior to 3.45.5.1-31
Review the following advisories and apply the necessary updates:
| Dell |
| 1117 | Atlassian Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..005]
details...
On 20th May 2025, Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Fisheye/Crucible - version 4.9.0
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Atlassian Security Bulletin - May 20 2025 and Security Advisory and apply the necessary update. | Atlassian |
| 1118 | Mozilla Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..006]
details...
On 17th May 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- Firefox ESR - versions prior to 115.23.1
- Firefox ESR - versions prior to 128.10.1
- Firefox - versions prior to 138.0.4
Review the following advisories and apply the necessary updates:
| Mozilla |
| 1119 | VMware Security Advisory. [Published Date: 2025-05-20]
[Id:2025.05.20..007]
details...
On 20th May 2025, Mozilla published security advisories to address vulnerabilities in the following products:
- vCenter Server - versions 7.0 and 8.0
- VMware ESXi - versions 7.0 and 8.0
- VMware Cloud Foundation (vCenter) - versions 4.5.x and 5.x
- VMware Cloud Foundation (ESXi) - versions 4.5.x and 5.x
- VMware Fusion - versions 13.x
- VMware Telco Cloud Platform (ESXi) - versions 2.x, 3.x, 4.x and 5.x
- VMware Telco Cloud Infrastructure (ESXi) - versions 2.x and 3.x
- VMware Telco Cloud Platform (vCenter) - versions 2.x, 3.x, 4.x and 5.
- VMware Telco Cloud Infrastructure (vCenter) - versions 2.x and 3.x
- VMware Workstation - versions 13.x and 17.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 1120 | Microsoft Edge Security Advisory. [Published Date: 2025-05-18]
[Id:2025.05.18.001]
details...
| Microsoft |
| 1121 | Ivanti Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.001]
details...
On 13th May 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Endpoint Manager Mobile (EPMM) - version 11.12.0.4 and prior
- Ivanti Endpoint Manager Mobile (EPMM) - version 12.3.0.1 and prior
- Ivanti Endpoint Manager Mobile (EPMM) - version 12.4.0.1 and prior
- Ivanti Endpoint Manager Mobile (EPMM) - version 12.5.0.0 and prior
Review the following advisories and apply the necessary updates:
| Ivanti |
| 1122 | Adobe Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.002]
details...
On 13th May 2025, Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe Animate 2023 - version 23.0.11 and prior
- Adobe Animate 2024 - version 24.0.8 and prior
- Adobe Bridge - version 14.1.6 and prior
- Adobe Bridge - version 15.0.3 and prior
- Adobe ColdFusion 2021 - version Update 19 and prior
- Adobe ColdFusion 2023 - version Update 13 and prior
- Adobe ColdFusion 2025 - version Update 1 and prior
- Adobe Connect - version 12.8 and prior
- Adobe Dimension - version 4.1.1 and prior
- Adobe Dreamweaver - version 21.4 and prior
- Adobe Illustrator 2024 - version 28.7.5 and prior
- Adobe Illustrator 2025 - version 29.3 and prior
- Adobe InDesign - version ID19.5.2 and prior
- Adobe InDesign - version ID20.2 and prior
- Adobe Lightroom - version 8.2 and prior
- Adobe Substance 3D Modeler - version 1.21.0 and prior
- Adobe Substance 3D Stager - version 3.1.1 and prior
- Photoshop 2024 - version 25.12.2 and prior
- Photoshop 2025 - version 26.5 and prior
- Adobe Substance 3D Painter - version 11.0 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1123 | Palo Alto Networks Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.003]
details...
On 14th May 2025, Palo Alto Networks published a security advisory to address a critical vulnerability in Prisma Access Browser - versions prior to 135.16.8.96.
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1124 | Google Chrome Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.004]
details...
On 14th May 2025, Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 136.0.7103.113 for Linux and prior to versions prior to 136.0.7103.113/114 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1125 | Juniper Networks Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.005]
details...
From 9th to 13th May 2025, Juniper Networks published a security advisory to address a critical vulnerability in the following products:
- Juniper Secure Analytics - versions 7.5.0 to versions prior to 7.5.0 UP11 IF02
- Junos OS - versions 19.4R1 and later
- Junos OS Evolved - versions 22.3R1 and later
Review the following advisories and apply the necessary updates:
| juniper |
| 1126 | Jenkins Security Advisory. [Published Date: 2025-05-15]
[Id:2025.05.15.006]
details...
On 14th May 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
- Cadence vManager Plugin - version 4.0.1-286.v9e25a_740b_a_48 and prior
- DingTalk Plugin - version 2.7.3 and prior
- Health Advisor by CloudBees Plugin - version 374.v194b_d4f0c8c8 and prior
- OpenID Connect Provider Plugin - version 96.vee8ed882ec4d and prior
- WSO2 Oauth Plugin - version 1.0 and prior
Review the following advisories and apply the necessary updates:
| Jenkins |
| 1127 | IBM Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.13.010]
details...
Between the 5th to 11th May 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM App Connect Operator - multiple versions
- IBM App Connect Enterprise Certified Containers Operands - multiple versions
- IBM Application Modernization Accelerator - versions 4.0.0 to 4.1.0
- IBM Business Automation Insights - versions 24.0.0 and 24.0.1
- IBM CICS TX Advanced - versions 10.1 and 11.1
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Cloud Pak for Data System 1.0 - versions 1.0.0.0 to 1.0.8.4
- IBM Cloud Transformation Advisor - versions 2.0.1 to 4.1.0
- IBM Cognos Dashboards on Cloud Pak for Data - versions 4.8.0 to 4.8.8 and versions 5.0.0 to 5.1.2
- IBM Content Collector for Email - version 4.0.1
- IBM Content Collector for File Systems - version 4.0.1
- IBM Content Collector for Microsoft - version 4.0.1
- IBM Maximo AI Service - version 9.0.5
- IBM Maximo Application Suite - versions 8.8, 8.9 and 9.0
- IBM Maximo Application Suite - Location Service for Esri Component - version 9.0
- IBM Operational Decision Manager - multiple versions
- IBM Planning Analytics Local - IBM Planning Analytics Workspace - versions 2.0 and 2.1
- IBM Storage Scale - versions 1.7.0 to 5.1.9.8 and 5.2.2.0 to 5.2.2.1
- IBM Storage Virtualize vSphere Remote Plug-in - multiple versions
- IBM TXSeries for Multiplatforms - multiple versions
- IBM Watson Knowledge Catalog on-prem - versions 4.5.2, 4.6.6 to 4.8.6 and versions 5.0 to 5.0.3
- IBM Watson Machine Learning Accelerator on Cloud Pak for Data - versions 4.8.2 to 4.8.6 and versions 5.0 to 5.0.2
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - versions 4.8.4 to 4.8.5
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - versions 5.0.0 to 5.1.2
- IBM watsonx.data - version 2.1.2
- Red Hat OpenShift on IBM Cloud - multiple versions
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1128 | VMware Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.13.011]
details...
On 12th May 2025, VMware published security advisories to address vulnerabilities in the following products:
- VMware Aria Automation - version 8.18.x
- VMware Cloud Foundation - version 4.x and 5.x
- VMware Telco Cloud Platform - version 5.x
Review the following advisories and apply the necessary updates:
| Vmware |
| 1129 | Apple Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.14.001]
details...
On 12th May 2025, Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 18.5
- iPadOS - versions prior to 17.7.7
- macOS Sequoia - versions prior to 15.5
- macOS Sonoma - versions prior to 14.7.6
- macOS Ventura - versions prior to 13.7.6
- Safari - versions prior to 18.5
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1130 | Fortinet Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.14.002]
details...
On 13th May 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiCamera 1.1 - all versions
- FortiCamera 2.0 - all versions
- FortiCamera 2.1 - version 2.1.0 to 2.1.3
- FortiMail - version 7.0.0 to 7.0.8
- FortiMail - version 7.2.0 to 7.2.7
- FortiMail - version 7.4.0 to 7.4.4
- FortiMail - version 7.6.0 to 7.6.2
- FortiNDR - version 1.1 to 1.4
- FortiNDR - version 1.5.0 to 1.5.3
- FortiNDR - version 7.0.0 to 7.0.6
- FortiNDR - version 7.1.0 to 7.1.1
- FortiNDR - version 7.2.0 to 7.2.4
- FortiNDR - version 7.4.0 to 7.4.7
- FortiNDR - version 7.6.0
- FortiOS - version 7.4.4 to 7.4.6
- FortiOS - version 7.6.0
- FortiProxy - version 7.6.0 to 7.6.1
- FortiRecorder - version 6.4.0 to 6.4.5
- FortiRecorder - version 7.0.0 to 7.0.5
- FortiRecorder - version 7.2.0 to 7.2.3
- FortiSwitchManager - version 7.2.5
- FortiVoice - versions 6.4.0 to 6.4.10
- FortiVoice - versions 7.0.0 to 7.0.6
- FortiVoice - versions prior to 7.2.0
Review the following advisories and apply the necessary updates:
| Fortinet |
| 1131 | SAP security advisory - May 2025 monthly rollup. [Published Date: 2025-05-13]
[Id:2025.05.14.003]
details...
On 13th May 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP Business Objects Business Intelligence Platform (PMW) - versions ENTERPRISE 430, 2025 and 2027
- SAP Landscape Transformation (PCL Basis) - versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107 and 108
- SAP NetWeaver (Visual Composer development server) - version VCFRAMEWORK 7.50
- SAP Supplier Relationship Management (Live Auction Cockpit) - version SRM_SERVER 7.14
- SAP S/4HANA S4CORE Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) - versions S4CORE 102, 103, 104, 105, 106, 107, 108, SCM_BASIS 700, 701, 702, 712, 713 and 714
Review the SAP Security Patch Day - May 2025 and apply the necessary updates.
| SAP |
| 1132 | Ivanti Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.14.004]
details...
On 13th May 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Ivanti Cloud Services Application - version 5.0.4 and prior
- Ivanti Neurons for ITSM (on-prem only) - versions 2023.4, 2024.2 and 2024.3
Review the following advisories and apply the necessary updates:
| Ivanti |
| 1133 | Intel Security Advisory. [Published Date: 2025-05-13]
[Id:2025.05.14.005]
details...
On 12th and 13th May 2025, Intel published security advisories to address vulnerabilities in multiple products.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 1134 | Microsoft Security Advisory - May 2025 Monthly Rollup. [Published Date: 2025-05-13]
[Id:2025.05.14.006]
details...
On 13th May 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Microsoft 365 Apps - multiple versions and platforms
- Microsoft Office - multiple versions and platforms
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide).
| Microsoft |
| 1135 | Ubuntu Security Advisory. [Published Date: 2025-05-12]
[Id:2025.05.13.007]
details...
Between May 5 and 11, 2025, Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1136 | Red Hat Security Advisory. [Published Date: 2025-05-12]
[Id:2025.05.13.008]
details...
Between 5th and 11th May 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1137 | Dell security advisory [Published Date: 2025-05-12]
[Id:2025.05.13.009]
details...
Between 5th to 11th May 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Connectrix SANnav - versions prior to 2.3.1a
- Dell Edge Gateway - multiple models and versions prior to 2.00.10
- Dell EMC Networking VEP1425/VEP1445/VEP1485 - versions prior to 2.6
- Dell Networking VEP4600 - multiple models and versions prior to 4.3
- Dell PowerFlex rack - versions prior to 3.7.7.0
- Dell PowerFlex rack - versions prior to 3.8.2.0
- Dell PowerSwitch - multiple models and versions
- Dell SD-WAN Edge 600 - versions prior to 2.6
- Dell Storage Manager DSM - versions prior to 2020 R1.21
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1138 | Commvault Security Advisory. [Published Date: 2025-05-11]
[Id:2025.05.06.002]
details...
Commvault published a security advisory to address a critical vulnerability in Commvault - versions 11.38.0 to 11.38.19
Review the Security Advisory and apply the necessary updates.
| Commvault |
| 1139 | Microsoft Edge Security Advisory. [Published Date: 2025-05-08]
[Id:2025.05.13.005]
details...
Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 136.0.3240.64.
Release notes for Microsoft Edge Security Updates and apply the necessary updates.
| Microsoft |
| 1140 | F5 Security Advisory. [Published Date: 2025-05-07]
[Id:2025.05.13.001]
details...
F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:
- BIG-IP (all modules) - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, and versions 15.1.0 to 15.1.10
- BIG-IP (APM) - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, and versions 15.1.0 to 15.1.10
- BIG-IP (PEM) - versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5, and versions 15.1.0 to 15.1.10
- BIG-IP Next (all modules) - versions 20.2.0 to 20.2.1
- BIG-IP Next SPK - versions 1.8.0 to 1.9.2 and versions 1.7.0 to 1.9.2
- BIG-IP Next CNF - versions 1.1.0 to 1.4.1
- F5OS-A - versions 1.5.1 to 1.5.3
- F5OS-C - versions 1.6.0 to 1.6.2
Review the F5 Security Advisories and apply the necessary updates. | F5 |
| 1141 | Cisco Security Advisory. [Published Date: 2025-05-07]
[Id:2025.05.13.002]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- 1000 Series Integrated Services Routers
- 1100 Series Integrated Services Routers (ISRs)
- 4000 Series Integrated Services Routers
- Integrated access points (APs) in Integrated Service Routers (ISR)1100 (Wi-Fi 6)
- Catalyst 8200 Series Edge Platforms
- Catalyst 8300 Series Edge Platforms
- Catalyst 8500 Series Edge Platforms
- Catalyst 8500L Series Edge Platforms
- Catalyst 9800-CL Wireless Controllers for Cloud
- Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
- Catalyst 9800 Series Wireless Controllers
- Embedded Wireless Controller on Catalyst 9100X Access Points
- Catalyst SD-WAN Manager - versions 20.8 and prior, 20.9, 20.10, 20.11, 20.12, 20.13, 20.14, 20.15, and 20.16
- Wi-Fi 6 pluggable module for Catalyst IR1800 Rugged Series Routers
- Cisco Industrial Ethernet 2000, 4000, 4010, and 5000 Series Switches
- Cisco IOS, IOS XE, NX-OS and IOS XR Software
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Firepower Threat Defense (FTD) Software
Review the Cisco Security Advisory and apply the necessary updates.
| Cisco |
| 1142 | SonicWall Security Advisory. [Published Date: 2025-05-07]
[Id:2025.05.13.003]
details...
SonicWall published a security advisory to address vulnerabilities in SonicWall SMA 100 Series (SMA 200, 210, 400, 410, 500v) - version 10.2.1.14-75sv and prior.
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1143 | Drupal Security Advisory. [Published Date: 2025-05-07]
[Id:2025.05.13.004]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Enterprise MFA - TFA for Drupal - versions prior to 4.7.0 and versions 5.0.0 to versions prior to 5.2.0
- Restrict route by IP - versions prior to 1.3.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 1144 | Google Chrome Security Advisory. [Published Date: 2025-05-06]
[Id:2025.05.13.006]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 136.0.7103.92 for Linux and prior to 136.0.7103.92/.93 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1145 | Android security advisory - May 2025 Monthly Rollup.
[Id:2025.05.06.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1146 | Dell Security Advisory. [Published Date: 2025-05-04]
[Id:2025.05.06.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Microsoft Azure - versions prior to 01.04.01.00
- Dell VxRail Appliance - versions 8.0.000 to 8.0.322
- PowerFlex Appliance IC - versions prior to IC 46.377.00 and versions prior to IC 46.382.00
- PowerFlex rack RCM - versions prior to 6.7.1
Review the following advisories and apply the necessary updates:
| Dell |
| 1147 | IBM Security Advisory. [Published Date: 2025-05-04]
[Id:2025.05.06.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- CP4NA - version 2.7.7
- GDSC Platform On-prem - version 3.7.1
- IBM Cloud Pak for Business Automation - versions V24.0.1 to V24.0.1-IF001 and versions 24.0.0 to 24.0.0-IF004
- IBM Cloud Pak System - version 2.3.4.0 (Intel)
- IBM Planning Analytics Cartridge - versions 5.0.0 to 5.1.0
- IBM Planning Analytics Cartridge for IBM Cloud Pak for Data - versions 4.8.0 to 4.8.8
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - versions 4.8.4 to 4.8.5 and versions 5.0.0 to 5.1.1
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.1.2
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1148 | Ubuntu Security Advisory. [Published Date: 2025-05-04]
[Id:2025.05.06.005]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 20.04 ESM
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1149 | Microsoft Edge Security Advisory. [Published Date: 2025-05-01]
[Id:2025.05.01.001]
details...
| Microsoft |
| 1150 | Google Chrome Security Advisory. [Published Date: 2025-04-30]
[Id:2025.04.30.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 136.0.7103.59 for Linux and prior to 136.0.7103.48/49 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates.
| Google |
| 1151 | VMware Security Advisory. [Published Date: 2025-04-29]
[Id:2025.04.29.001]
details...
Mozilla published security advisories to address vulnerabilities in the following products:
- VMware Tanzu GemFire Vector Database - versions prior to 1.2.0
- VMware Tanzu Greenplum - versions prior to 7.4.1
Review the following advisories and apply the necessary updates:
| Vmware |
| 1152 | Mozilla Security Advisory. [Published Date: 2025-04-29]
[Id:2025.04.29.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products:
- Thunderbird ESR - versions prior to 128.10
- Thunderbird - versions prior to 138
- Firefox ESR - versions prior to 115.23
- Firefox ESR - versions prior to 128.10
- Firefox - versions prior to 138
Review the following advisories and apply the necessary updates:
| Mozilla |
| 1153 | Apache Security Advisory. [Published Date: 2025-04-29]
[Id:2025.04.29.003]
details...
Apache published a security advisory to address vulnerabilities in the following products:
- Apache Tomcat - versions 11.0.0-M1 to 11.0.5
- Apache Tomcat - versions 10.1.0-M1 to 10.1.39
- Apache Tomcat - versions 9.0.0.M1 to 9.0.102
Review the following advisories and apply the necessary updates:
| Apache |
| 1154 | Dell Security Advisory. [Published Date: 2025-04-27]
[Id:2025.04.27.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.02.04.00
- Dell Connectrix B-Series - versions 9.1.0 to 9.1.1d6
- Dell PowerProtect Data Manager - versions 19.15.0 to 19.18.0-23
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 1155 | IBM Security Advisory. [Published Date: 2025-04-27]
[Id:2025.04.27.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Power HMC V10.2.1030.0 - version V10.2.1030.0
- IBM Power HMC V10.3.1050.0 - version V10.3.1050.0
- IBM QRadar SIEM - version 7.5 to 7.5.0 UP11 IF03
- IBM webMethods B2B (on-prem) - versions 10.11, 10.15 and 11.1
- IBM webMethods Integration (on prem) - versions 10.11, 10.15 and 11.1
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1156 | Ubuntu Security Advisory. [Published Date: 2025-04-27]
[Id:2025.04.27.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates.
| Ubuntu |
| 1157 | Microsoft Edge Security Advisory. [Published Date: 2025-04-24]
[Id:2025.04.24.001]
details...
| Microsoft |
| 1158 | GitLab Security Advisory. [Published Date: 2025-04-23]
[Id:2025.04.23.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products:
- GitLab Community Edition (CE) - versions prior to 17.11.1, 17.10.5 and 17.9.7
- GitLab Enterprise Edition (EE) - versions prior to 17.11.1, 17.10.5 and 17.9.7
Review the provided GitLab Patch Release: 17.11.1, 17.10.5, 17.9.7, and perform the suggested mitigations. | Gitlab |
| 1159 | Cisco Security Advisory. [Published Date: 2025-04-23]
[Id:2025.04.23.002]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- ConfD
- ConfD Basic
- Intelligent Node Manager
- Network Services Orchestrator (NSO)
- Smart PHY
- Ultra Cloud Core - Subscriber Microservices Infrastructure
Review the Cisco Security Advisory and apply the necessary updates. | CISCO |
| 1160 | HPE Security Advisory. [Published Date: 2025-04-22]
[Id:2025.04.22.001]
details...
HPE published a security advisory to address vulnerabilities in the following products:
- HPE Brocade Fabric OS - versions prior to v9.1.1d7 and v9.2.0
- HPE Compute Scale-up Server 3200 - versions prior to v1.55.98
- HPE Performance Cluster Manager HPCM 1.12 and prior
- HPE Superdome Flex 280 Server - versions prior to v2.00.12
- HPE Telco Unified OSS Console - versions prior to v3.1.15
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1161 | Google Chrome Security Advisory. [Published Date: 2025-04-22]
[Id:2025.04.22.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 135.0.7049.114 for Linux and prior to 135.0.7049.114/115 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates.
| Google |
| 1162 | Ubuntu Security Advisory. [Published Date: 2025-04-20]
[Id:2025.04.20.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1163 | IBM Security Advisory. [Published Date: 2025-04-20]
[Id:2025.04.20.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.12 and 13.0.1.0 to 13.0.2.2
- IBM CICS TX Standard - version 11.1
- IBM Cloud Pak for Security - version 1.10.0.0 to 1.10.11.0
- IBM Maximo Application Suite - multiple versions
- PowerVC - versions 2.1.1.2, 2.2.0, 2.2.1, 2.2.1.1 and 2.3.0
- QRadar Suite Software - version 1.10.12.0 to 1.11.1.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1164 | Dell Security Advisory. [Published Date: 2025-04-20]
[Id:2025.04.20.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Data Lakehouse - versions prior to 1.4.0.0
- Dell Storage Resource Manager - versions prior to 5.1.0.0
- Dell Storage Monitoring and Reporting - versions prior to 5.1.0.0
- PowerStore 1000X - versions prior to 3.2.1.6-2476179
- PowerStore 3000X - versions prior to 3.2.1.6-2476179
- PowerStore 5000X - versions prior to 3.2.1.6-2476179
- PowerStore 7000X - versions prior to 3.2.1.6-2476179
- PowerStore 9000X - versions prior to 3.2.1.6-2476179
Review the following advisories and apply the necessary updates:
| Dell |
| 1165 | Red Hat Security Advisory. [Published Date: 2025-04-20]
[Id:2025.04.20.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux Server for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
Review the following [access.redhat.com/security/security-updates/security-advisories] RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1166 | Microsoft Edge Security Advisory. [Published Date: 2025-04-17]
[Id:2025.04.17.001]
details...
| Microsoft |
| 1167 | Apple Security Advisory. [Published Date: 2025-04-16]
[Id:2025.04.16.001]
details...
Apple published security updates to address vulnerabilities in the following products:
- iOS and iPadOS - versions prior to 18.4.1
- macOS Sequoia - versions prior to 15.4.1
Review the provided Apple Security Advisory and apply the necessary updates.
| Apple |
| 1168 | Cisco Security Advisory. [Published Date: 2025-04-16]
[Id:2025.04.16.002]
details...
Cisco published a security advisory to address a vulnerability in the Cisco Webex App - versions 44.6 and 44.7.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1169 | Mozilla Security Advisory. [Published Date: 2025-04-15]
[Id:2025.04.15.001]
details...
Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 137.0.2.
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1170 | Google Chrome Security Advisory. [Published Date: 2025-04-15]
[Id:2025.04.15.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 135.0.7049.95 for Linux and prior to 135.0.7049.95/96 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1171 | Atlassian Security Advisory. [Published Date: 2025-04-15]
[Id:2025.04.15.003]
details...
Atlassian published security advisories to address vulnerabilities in the following products:
- Bamboo Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1172 | Oracle Security Advisory - April 2025. [Published Date: 2025-04-15]
[Id:2025.04.15.004]
details...
Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Oracle Analytics
- Oracle Application Express
- Oracle Autonomous Health Framework
- Oracle Commerce
- Oracle Communications Applications
- Oracle Communications
- Oracle Construction and Engineering
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Financial Services Applications
- Oracle Food and Beverage Applications
- Oracle Fusion Middleware
- Oracle GoldenGate
- Oracle Hospitality Applications
- Oracle Hyperion
- Oracle Insurance Applications
- Oracle Java SE
- Oracle JD Edwards
- Oracle MySQL
- Oracle PeopleSoft
- Oracle Policy Automation
- Oracle Retail Applications
- Oracle Siebel CRM
- Oracle Solaris
- Oracle SQL Developer
- Oracle Supply Chain
- Oracle Support Tools
- Oracle TimesTen In-Memory Database
- Oracle Utilities
- Oracle Virtualization
Review Oracle Critical Patch Update Advisory - April 2025 and apply the necessary updates. | Oracle |
| 1173 | Ubuntu security advisory. [Published Date: 2025-04-13]
[Id:2025.04.13.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1174 | Dell Security Advisory. [Published Date: 2025-04-13]
[Id:2025.04.13.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Gen5a - version ADS Gen5A
- Dell Integrated System for Microsoft Azure Stack HCI - multiple versions and models
- Dell Integrated System for Microsoft Azure Stack Hub 16G - versions prior to 2502
- Dell iDRAC9 - versions prior to 7.00.00.181 and 7.20.30.50
- Dell NetWorker Management Console - versions prior to 19.11.04 and 19.12.0.1
- Dell PowerProtect Cyber Recovery Software - versions prior to 19.18.0.2
- Dell PowerProtect Data Manager DM5500 Appliance Software - versions prior to 5.19
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 1175 | IBM Security Advisory. [Published Date: 2025-04-13]
[Id:2025.04.13.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- IBM Business Automation Manager Open Editions - versions 8.0.0 to 8.0.6
- IBM Guardium Data Protection - version 11.4, 12.0 and 12.1
- IBM Integration Bus for z/OS - versions 10.1.0.0 to 10.1.0.5
- IBM PCOMM - versions v14.x and v15.x
- IBM Process Mining - versions 2.0.0 IF001 and 2.0.0
- IBM Storage Protect Plus - versions 10.1.0. to 10.1.16
- IBM Storage Protect Server - version 8.1
- IBM Storage Scale - versions 5.1.7.0 to 5.1.9.8 and 5.2.0.0 to 5.2.2.0
- IBM Security Verify Governance - version ISVG 10.02
- IBM Security Verify Governance, Identity Manager Software Stack - version ISVG 10.02
- IBM Security Verify Governance, Identity Manager Virtual Appliance - version ISVG 10.02
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1176 | Red Hat Security Advisory. [Published Date: 2025-04-13]
[Id:2025.04.13.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates:
| Red Hat |
| 1177 | Microsoft Edge Security Advisory. [Published Date: 2025-04-11]
[Id:2025.04.11.001]
details...
| Microsoft |
| 1178 | Juniper Networks Security Advisory. [Published Date: 2025-04-09]
[Id:2025.04.09.001]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products:
- CTP View - versions prior to 9.2R1
- Junos OS - multiple versions
- Junos OS Evolved - multiple versions
- Junos OS on EX and QFX5k Series - multiple versions
- Junos OS on MX Series - multiple versions
- Juno OS on SRX Series - multiple versions
- Junos Space - versions prior to 24.1R3
- Junos Space Security Director - versions prior to 24.1R3
Review the Juniper Networks security advisories and apply the necessary updates. | Juniper |
| 1179 | Palo Alto Networks Security Advisory. [Published Date: 2025-04-09]
[Id:2025.04.09.002]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Prisma Access Browser - versions prior to 132.83.3017.1.
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1180 | Drupal Security Advisory. [Published Date: 2025-04-09]
[Id:2025.04.09.003]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- ECA : Event - Condition - Action – versions 1.2.x, versions prior to 1.1.12, version 2.0.0 to versions prior to 2.0.16 and version 2.1.0 to versions prior to 2.1.7
- Panels - versions prior to 4.9.0
Review the following advisories and apply the necessary updates:
| Drupal |
| 1181 | HPE Security Advisory. [Published Date: 2025-04-09]
[Id:2025.04.09.004]
details...
HPE published a security advisory to address vulnerabilities in HPE Cray XD670 - versions prior to BMC v1.19.
Review the HPE security bulletins and apply the necessary updates.
| HPE |
| 1182 | SAP security advisory- April 2025 monthly rollup [Published Date: 2025-04-08]
[Id:2025.04.08.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP Capital Yield Tax Management - versions CYTERP 420_700, CYT 800, IBS 7.0 and CYT4HANA 100
- SAP Commerce Cloud -versions HY_COM 2205 and COM_CLOUD 2211
- SAP Financial Consolidation -version 1010
- SAP Landscape Transformation DMIS- versions 2011_1_700, 2011_1_710, 2011_1_730 and 2011_1_731
- SAP NetWeaver and ABAP Platform (Service Data Collection)- versions ST-PI 2008_1_700, 2008_1_710 and 740
- SAP NetWeaver Application Server ABAP - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89 and 7.93
- SAP S/4HANA S4CORE - versions 102, 103, 104, 105, 106, 107 and 108
Review the SAP Security Patch Day-April 2025?and apply the necessary updates. | SAP |
| 1183 | Fortinet security advisory. [Published Date: 2025-04-08]
[Id:2025.04.08.002]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- FortiSwitch 7.6 version 7.6.0
- FortiSwitch 7.4 versions 7.4.0 to 7.4.4
- FortiSwitch 7.2 versions 7.2.0 to 7.2.8
- FortiSwitch 7.0 versions 7.0.0 to 7.0.10
- FortiSwitch 6.4 versions 6.4.0 to 6.4.14
Review the Fortinet Advisory and apply the necessary updates. | Fortinet |
| 1184 | Ivanti Security Advisory. [Published Date: 2025-04-08]
[Id:2025.04.08.003]
details...
| Ivanti |
| 1185 | Adobe Security Advisory [Published Date: 2025-04-08]
[Id:2025.04.08.004]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
- Adobe After Effects version 24.6.4 and prior and version 25.1 and prior
- Adobe Animate 2024 version 24.0.7 and prior
- Adobe Animate 2023 version 23.0.10 and prior
- Adobe Bridge version 14.1.5 and prior and version 15.0.2 and prior
- Adobe Commerce multiple versions
- Adobe Commerce B2B multiple versions
- Adobe Experience Manager Forms on JEE version 6.5.22.0 (AEMForms-6.5.0-0093) and prior
- Adobe Experience Manager Screens version AEM 6.5 Screens FP11.3 and prior
- Adobe FrameMaker version 2022 Release Update 5 and prior
- Adobe FrameMaker version 2020 Release Update 7 and prior
- Adobe Media Encoder version 24.6.4 and prior and version 25.1 and prior
- Adobe Premiere Pro version 25.1 and prior and version 24.6.4 and prior
- Adobe XMP-Toolkit-SDK version 2023.12 and prior
- ColdFusion 2025 version build 331385
- ColdFusion 2023 version Update 12 and prior
- ColdFusion 2021 version Update 18 and prior
- Magento Open Source multiple versions
- Photoshop 2025 version 26.4.1 and prior
- Photoshop 2024 version 25.12.1 and prior
Review the Adobe Security Advisories and apply the necessary updates | Adobe |
| 1186 | Google Chrome Security Advisory. [Published Date: 2025-04-08]
[Id:2025.04.08.005]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 135.0.7049.84 for Linux and prior to 0.7049.84/85 for Windows and Apple MAC. Review the Google security bulletins and apply the necessary updates. | Google |
| 1187 | Microsoft April 2025 Security Updates. [Published Date: 2025-04-08]
[Id:2025.04.08.006]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Microsoft 365 Apps - multiple versions and platforms
- Microsoft Office - multiple versions and platforms
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 1188 | Android security advisory - April 2025 Monthly Rollup [Published Date: 2025-04-07]
[Id:2025.04.07.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices. Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1189 | VMware Security Advisory [Published Date: 2025-04-07]
[Id:2025.04.07.002]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Tanzu Greenplum versions prior to 6.29.0
- VMware Tanzu Greenplum Backup and Restore versions prior to 1.31.0
- VMware Tanzu Greenplum Platform Extension Frameworkversions prior to 6.11.1
Review the following advisories and apply the necessary updates: | Vmware |
| 1190 | Ubuntu security advisory. [Published Date: 2025-04-07]
[Id:2025.04.07.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:
- Ubuntu 14.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1191 | Dell Security Advisory. [Published Date: 2025-04-06]
[Id:2025.04.06.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- Dell Avamar Data Store Gen5a - version ADS Gen5A
- Dell PowerMax EEM 10.1.0.7 - version 10.1.0.5.10551 and prior
- Dell PowerMax EEM 10.2.0.1 - version 10.2.0.0
- Dell PowerMax EEM 5978 - version 5978.714.714.10632 and prior
- Dell PowerMax OS 10.1.0.7 - version 10.1.0.5.10551 and prior
- Dell PowerMax OS 10.2.0.1 - version 10.2.0.0
- Dell PowerMax OS 5978 - version 5978.714.714.10632 and prior
- PowerFlex Custom Node - multiple versions and platforms
- Solutions Enabler Virtual Appliance - versions prior to 9.2.4.9
- Unisphere 360 - versions prior to 9.2.4.35
- Unisphere for PowerMax - multiple versions
- VxFlex Ready Node - multiple platforms, versions prior to 2.22.2
Review the provided Dell Security Advisory and apply the necessary updates.
| Dell |
| 1192 | IBM security advisory. [Published Date: 2025-04-06]
[Id:2025.04.06.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products
- Business Automation Manager Open Editions - versions 9.0.0 to 9.1.1
- IBM API Connect - versions V10.0.0.5.0 to V10.0.5.8 and versions V10.0.8.0 to 10.0.8.2
- IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.2.2 and versions 12.0.1.0 to 12.0.12.11
- IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.1.1
- InfoSphere Information Server - version 11.7
Review the IBM Security Advisory and apply the necessary updates.
| IBM |
| 1193 | CISA, NSA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat [Published Date: 2025-04-03]
[Id:2025.04.03.001]
details...
Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand's National Cyber Security Centre (NCSC-NZ)- released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB).
This advisory warns organizations, internet service providers (ISPs), and cybersecurity service providers of the ongoing threat of fast flux enabled malicious activities and provides guidance on detection and mitigations to safeguard critical infrastructure and national security.
"Fast flux" is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS) records associated with a single domain name. This threat exploits a gap commonly found in network defences, making the tracking and blocking of malicious fast flux activities difficult.
Review the updated joint advisory to protect and detect Fast Flux. | CISA |
| 1194 | Ivanti Security Advisory. [Published Date: 2025-04-03]
[Id:2025.04.03.002]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Connect Secure - version 22.7R2.5 and prior
- Pulse Connect Secure (EoS) - version 9.1R18.9 and prior
- Ivanti Policy Secure - version 22.7R1.3 and prior
- ZTA Gateways - version 22.8R2 and prior
Review the April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457) and apply the necessary updates. | Ivanti |
| 1195 | Microsoft Edge Security Advisory. [Published Date: 2025-04-03]
[Id:2025.04.03.003]
details...
| Microsoft |
| 1196 | Cisco Security Advisory. [Published Date: 2025-04-02]
[Id:2025.04.02.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Enterprise Chat and Email (ECE) - versions prior to 12.6 ES 10
- Cisco Meraki MX and Cisco Meraki Z Series - firmware versions 16.2, 17, 18.1, 18.2 and 19.1
Review the following Cisco Security Advisory and apply the necessary updates | CISCO |
| 1197 | Jenkins Security Advisory. [Published Date: 2025-04-02]
[Id:2025.04.02.002]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Jenkins weekly - version 2.503 and prior
- Jenkins LTS - version 2.492.2 and prior
- AsakusaSatellite Plugin - version 0.1.1 and prior
- Cadence vManager Plugin - version 4.0.0-282.v5096a_c2db_275 and prior
- monitor-remote-job Plugin - version 1.0 and prior
- Simple Queue Plugin - version 1.4.6 and prior
- Stack Hammer Plugin - version 1.0.6 and prior
- Templating Engine Plugin - version 2.5.3 and prior
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1198 | Mozilla Security Advisory. [Published Date: 2025-04-01]
[Id:2025.04.01.001]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird ESR - versions prior to 128.9
- Thunderbird - versions prior to 137
- Firefox ESR - versions prior to 128.9
- Firefox ESR - versions prior to 115.22
- Firefox - versions prior to 137
Review the Mozilla Security Advisories and apply the necessary updates. | Mozilla |
| 1199 | Google Chrome Security Advisory. [Published Date: 2025-04-01]
[Id:2025.04.01.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 135.0.7049.52 for Linux and prior to 135.0.7049.41/42 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1200 | VMware Security Advisory. [Published Date: 2025-04-01]
[Id:2025.04.01.003]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Aria Operations - version 8.x
- VMware Cloud Foundation - versions 5.x and 4.x
- VMware Telco Cloud Platform - versions 5.x, 4.x and 3.x
- VMware Telco Cloud Infrastructure - versions 3.x and 2.x
Review the following advisories and apply the necessary updates: | Vmware |
| 1201 | Apple Security Advisory. [Published Date: 2025-03-31]
[Id:2025.03.31.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18.4
- iPadOS - versions prior to 17.7.6
- iOS and iPadOS - versions prior to 16.7.11
- iOS and iPadOS - versions prior to 15.8.4
- macOS Sequoia - versions prior to 15.4
- macOS Sonoma - versions prior to 14.7.5
- macOS Ventura - versions prior to 13.7.5
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1202 | Dell Security Advisory. [Published Date: 2025-03-30]
[Id:2025.03.30.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Enterprise SONiC Distribution - versions prior to 4.4.2
- Dell ObjectScale - versions prior to ObjectScale 4.0
- Dell Storage Monitoring and Reporting - versions prior to 5.0.2.2
- Dell Storage Monitoring and Reporting - versions prior to 5.0.2.2
- Dell Storage Resource Manager - versions prior to 5.0.2.2
- Dell Unity - versions prior to 5.5.0.0.5.259
- PowerStore 1000T - versions prior to 3.6.1.5-2456810
- PowerStore 1200T - versions prior to 3.6.1.5-2456810
- PowerStore 3000T - versions prior to 3.6.1.5-2456810
- PowerStore 3200T - versions prior to 3.6.1.5-2456810
- PowerStore 5000T - versions prior to 3.6.1.5-2456810
- PowerStore 500T - versions prior to 3.6.1.5-2456810
- PowerStore 5200T - versions prior to 3.6.1.5-2456810
- PowerStore 7000T - versions prior to 3.6.1.5-2456810
- PowerStore 9000T - versions prior to 3.6.1.5-2456810
- PowerStore 9200T - versions prior to 3.6.1.5-2456810
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1203 | Ubuntu Security Advisory. [Published Date: 2025-03-30]
[Id:2025.03.30.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1204 | Red Hat Security Advisory. [Published Date: 2025-03-30]
[Id:2025.03.30.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates | Red Hat |
| 1205 | Situational Awareness for Eid-Ul-Fitr 2025 Holidays. [Published Date: 2025-03-27]
[Id:2025.03.27.002]
details...
| BDNCIRT |
| 1206 | Mozilla Security Advisory. [Published Date: 2025-03-27]
[Id:2025.03.27.001]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox - versions prior to 136.0.4
- Firefox ESR - versions prior to 115.21.1
- Firefox ESR - versions prior to 128.8.1
Review the Mozilla Security Advisories and apply the necessary updates. | Mozilla |
| 1207 | GitLab Security Advisory. [Published Date: 2025-03-26]
[Id:2025.03.26.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.10.1, 17.9.3 and 17.8.6
- GitLab Enterprise Edition (EE) - versions prior to 17.10.1, 17.9.3 and 17.8.6
Review the provided GitLab Patch Release: 17.10.1, 17.9.3, 17.8.6, and perform the suggested mitigations. | Gitlab |
| 1208 | Microsoft Edge Security Advisory. [Published Date: 2025-03-26]
[Id:2025.03.26.002]
details...
| Microsoft |
| 1209 | Splunk Security Advisory. [Published Date: 2025-03-26]
[Id:2025.03.26.003]
details...
Splunk published a security update to address vulnerabilities in the following products. - Splunk Enterprise - versions prior to 9.4.0, 9.3.3, 9.2.5 and 9.1.8
- Splunk Cloud Platform - versions prior to 9.3.2408.104, 9.2.2406.108, 9.2.2403.114 and 9.1.2312.208
Review the Splunk Security Advisory and apply the necessary updates. | Microsoft |
| 1210 | Next.js Security Advisory. [Published Date: 2025-03-25]
[Id:2025.03.25.001]
details...
Next.js published a security advisory to address a critical vulnerability in the following product: - Next.js - 15.x versions prior to 15.2.3
- Next.js - 14.x versions prior to 14.2.25
- Next.js - 13.x versions prior to 13.5.9
- Next.js - 12.x versions prior to 12.3.5
Review the Security Advisory and apply the necessary updates. | Nextjs |
| 1211 | VMware Security Advisory. [Published Date: 2025-03-25]
[Id:2025.03.25.002]
details...
| Vmware |
| 1212 | Google Chrome Security Advisory. [Published Date: 2025-03-25]
[Id:2025.03.25.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions prior to 134.0.6998.177/178 for Windows.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1213 | HPE Security Advisory. [Published Date: 2025-03-24]
[Id:2025.03.24.001]
details...
HPE published a security advisory to address vulnerabilities in HPE SANnav Management Software - versions prior to v2.3.1b and v2.4.0.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1214 | Kubernetes Security Advisory. [Published Date: 2025-03-24]
[Id:2025.03.24.002]
details...
Kubernetes published security advisories to address vulnerabilities in the following products: - Kubernetes ingress-nginx controller - versions prior to 1.11.5
- Kubernetes ingress-nginx controller - versions prior to 1.12.1
Review the following advisories and apply the necessary updates: | Kubernetes |
| 1215 | Dell Security Advisory. [Published Date: 2025-03-23]
[Id:2025.03.23.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.01.02.00
- Dell Chassis Management Controller (CMC) for Dell PowerEdge FX2 - versions prior to 2.40.200.202101130302
- Dell Chassis Management Controller (CMC) for PowerEdge VRTX - versions prior to 3.41.200.202209300499
- Dell Data Protection Central - versions 19.9.0 to 19.11.0-2
- Dell ECS - versions prior to 3.8.1.4
- Dell SmartFabric Manager - versions 1.0.0 and 1.1.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1216 | Red Hat Security Advisory. [Published Date: 2025-03-23]
[Id:2025.03.23.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates | Red Hat |
| 1217 | IBM security advisory. [Published Date: 2025-03-23]
[Id:2025.03.23.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - AIX - versions 7.2 and 7.3
- DataStage on Cloud Pak for Data - version 4.8.2 to 4.8.4
- FileNet Content Manager - versions 5.5.12.0, 5.5.8.0 and 5.6.0.0
- IBM CP4MCM - version 2.3 to 2.3 FP9
- IBM Maximo Application Suite IoT Component - versions 8.7, 8.8 and 9.0
- IBM Rapid Infrastructure Automation - version 1.1.4
- IBM watsonx Assistant Cartridge - version 4.0 to 5.1.0
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component - version 5.0 to 5.1.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1218 | HPE Security Advisory. [Published Date: 2025-03-21]
[Id:2025.03.21.001]
details...
HPE published a security advisory to address vulnerabilities in HPE Telco Service Activator - versions prior to 10.1.1.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1219 | Microsoft Edge Security Advisory. [Published Date: 2025-03-21]
[Id:2025.03.21.002]
details...
| Microsoft |
| 1220 | Jenkins Security Advisory. [Published Date: 2025-03-19]
[Id:2025.03.19.001]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - AnchorChain Plugin - version 1.0 and prior
- EDDSA API Plugin - version 3.0-13.v7cb_69ed68f00 and prior
- Zoho QEngine Plugin - version 0.29.vfa_cc23396502 and prior
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1221 | Veeam Security Advisory. [Published Date: 2025-03-19]
[Id:2025.03.19.002]
details...
Veem has released security updates to address a vulnerability in Veeam Backup & Replication - all versions 12 prior to build 12.3.1.1139.
Review the Veeam Security Advisory and apply the necessary updates. | Veeam |
| 1222 | Google Chrome Security Advisory. [Published Date: 2025-03-19]
[Id:2025.03.19.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.117 for Linux and prior to 134.0.6998.117/118 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1223 | Apache Tomcat Security Advisory. [Published Date: 2025-03-18]
[Id:2025.03.18.001]
details...
Apache published a security advisory to address vulnerabilities in the following products: - Apache Tomcat 11.0.0-M1 to 11.0.2
- Apache Tomcat 10.1.0-M1 to 10.1.34
- Apache Tomcat 9.0.0-M1 to 9.0.98
Review the provided Apache Security Advisory and apply the necessary updates. | Apache |
| 1224 | Atlassian Security Advisory. [Published Date: 2025-03-18]
[Id:2025.03.18.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1225 | Red Hat Security Advisory. [Published Date: 2025-03-16]
[Id:2025.03.16.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1226 | Dell Security Advisory. [Published Date: 2025-03-16]
[Id:2025.03.16.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.01.02.00
- Dell Cloud Tiering Appliance CTA and CTA-HA - versions prior to 13.2.0.2.33
- Dell Cloud Tiering Appliance CTA/VE and CTA-HA/VE - versions prior to 13.2.0.2.33
- Dell Connectrix B-Series and SANnav - multiple models and versions
- Dell Integrated System for Microsoft Azure Stack HCI - multiple models and versions
- Dell Networking OS10 - version 10.5.5.x and 10.5.6.x
- Dell VxRail Appliance - multiple models and versions
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1227 | Ubuntu Security Advisory. [Published Date: 2025-03-16]
[Id:2025.03.16.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1228 | GitLab Security Advisory. [Published Date: 2025-03-15]
[Id:2025.03.15.001]
details...
GitHub published a security advisory to address a vulnerability in tj-actions/changed-files GitHub Actions - versions 45.07 and prior.
Review the provided GitHub Security Advisory and perform the suggested mitigations. | Github |
| 1229 | VMware Security Advisory. [Published Date: 2025-03-13]
[Id:2025.03.13.001]
details...
VMware released a security advisory to address multiple vulnerabilities in VMWare Tanzu GemFire - versions prior to 10.0.6.
Review the VMware security advisory VMware VMSA-2025-002 and apply the necessary updates. | Vmware |
| 1230 | Microsoft Edge Security Advisory. [Published Date: 2025-03-12]
[Id:2025.03.12.001]
details...
Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 134.0.3124.66.
Review the following advisories and apply the necessary updates: | Microsoft |
| 1231 | Palo Alto Networks Security Advisory. [Published Date: 2025-03-12]
[Id:2025.03.12.002]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Prisma Access Browser - versions prior to 133.16.4.99.
Review the Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1232 | [Alert] Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577). [Published Date: 2025-03-12]
[Id:2025.03.12.003]
details...
| PHP |
| 1233 | GitLab Security Advisory. [Published Date: 2025-03-12]
[Id:2025.03.12.004]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.9.2, 17.8.5 and 17.7.7
- GitLab Enterprise Edition (EE) - versions prior to 17.9.2, 17.8.5 and 17.7.7
Review the provided GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7, and perform the suggested mitigations. | Gitlab |
| 1234 | HPE security advisory [Published Date: 2025-03-12]
[Id:2025.03.12.005]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Cray EX235a Accelerator Blade - versions prior to v2.1.0 (HFP 25.1.2)
- HPE Cray EX235n Server - versions prior to v1.5.1 (HFP 24.10.1)
- HPE Cray EX255a Accelerator Blade - versions prior to v1.4.0 (HFP 25.1.2)
- HPE Cray EX425 Compute Blade - versions prior to v1.7.6 (HFP 24.10.1)
- HPE Cray EX4252 Compute Blade - versions prior to v2.0.1 (HFP 25.1.2)
- HPE ProLiant XL225n Gen10 Plus 1U Node - versions prior to v3.60_01-16-2025
- HPE ProLiant XL645d Gen10 Plus Server - versions prior to v3.40_10-04-2024 (HFP 24.11.0)
- HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.40_10-04-2024 (HFP 24.11.0)
- HPE Cray XD665 - versions prior to v1.50 On the Portal HPE Cray SC XD665 Firmware Pack 2024.09.00
- HPE Cray XD675 - versions prior to v3.1.5 (HPE Cray SC XD665 Firmware Pack 2024.09.00)
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1235 | Cisco Security Advisory. [Published Date: 2025-03-12]
[Id:2025.03.12.006]
details...
Cisco published a security advisory to address a vulnerability in the Cisco IOS XR - multiple versions and platforms.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1236 | Juniper Networks Security Advisory. [Published Date: 2025-03-12]
[Id:2025.03.12.007]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - JunoOS - versions prior to 21.2R3-S9
- JunoOS 21.4 - versions prior to 21.4R3-S10
- JunoOS 22.2 - versions prior to 22.2R3-S6
- JunoOS 22.4 - versions prior to 22.4R3-S6
- JunoOS 23.2 - versions prior to 23.2R2-S3
- JunoOS 23.4 - versions prior to 23.4R2-S4
- JunoOS 24.2 - versions prior to 24.2R1-S2, 24.2R2
Review the following advisories and apply the necessary updates: | Juniper |
| 1237 | SAP security advisory - March 2025 monthly rollup. [Published Date: 2025-03-11]
[Id:2025.03.11.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP Commerce Cloud - versions HY-COM 2205 and COM-CLOUD 2211
- SAP Commerce (Swagger UI) - version COM_CLOUD 2211
- SAP NetWeaver (ABAP Class Builder) - multiple versions
Review the SAP Security Patch Day - March 2025 and apply the necessary updates. | SAP |
| 1238 | Ivanti Security Advisory. [Published Date: 2025-03-11]
[Id:2025.03.11.002]
details...
| Ivanti |
| 1239 | Fortinet Security Advisory. [Published Date: 2025-03-11]
[Id:2025.03.11.003]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiADC - multiple versions
- FortiIsolator 2.4 - versions 2.4.0 to 2.4.5
- FortiSandbox - multiple versions
- FortiSIEM - multiple versions
Review the Fortinet Advisory and apply the necessary updates. | Fortinet |
| 1240 | Microsoft March 2025 Security Updates. [Published Date: 2025-03-11]
[Id:2025.03.11.004]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Microsoft 365 Apps - multiple versions and platforms
- Microsoft Office - multiple versions and platforms
- Remote Desktop client for Windows Desktop
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows App Client for Windows Desktop
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1241 | Adobe Security Advisory. [Published Date: 2025-03-11]
[Id:2025.03.11.005]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Acrobat 2024 - version 24.001.30225 and prior
- Acrobat 2020 - version 20.005.30748 and prior
- Acrobat Reader 2020 - version 20.005.30748 and prior
- Acrobat DC - version 25.001.20428 and prior
- Acrobat Reader DC - version 25.001.20428 and prior
- Adobe Illustrator 2024 - version 28.7.4 and prior
- Adobe Illustrator 2025 - version 29.2.1 and prior
- Adobe InDesign - version ID19.5.2 and prior, version ID20.1 and prior
- Adobe Substance 3D Designer - version 14.1 and prior
- Adobe Substance 3D Modeler - version 1.15 and prior
- Adobe Substance 3D Painter - version 10.1.2 and prior
- Adobe Substance 3D Sampler - version 4.5.2 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1242 | HPE Security Advisory. [Published Date: 2025-03-11]
[Id:2025.03.11.006]
details...
HPE published a security advisory to address vulnerabilities in HPE HPE Cray XD670 - versions prior to BMC v1.19.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1243 | Apple Security Advisory. [Published Date: 2025-03-11]
[Id:2025.03.11.007]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18.3.2
- macOS Sequoia - versions prior to 15.3.2
- Safari - versions prior to 18.3.1
Review the following advisories and apply the necessary updates: | Apple |
| 1244 | Google Chrome Security Advisory. [Published Date: 2025-03-10]
[Id:2025.03.10.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.88 for Linux and prior to 134.0.6998.88/89 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1245 | IBM Security Advisory. [Published Date: 2025-03-09]
[Id:2025.03.09.005]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM API Connect - versions V10.0.5.0 to V10.0.5.8 and V10.0.8.0 to 10.0.8.1
- IBM App Connect Enterprise Certified Containers Operands - CD: 12.0.7.0-r4 to 12.0.12.5-r1, 13.0.1.0-r1 to 13.0.2.0-r1
- IBM App Connect Enterprise Certified Containers Operands - 12.0 LTS: 12.0.12-r1 to 12.0.12-r7
- IBM App Connect Operator - CD: 7.2.0-11.6.0, 12.1.0 to 12.7.0
- IBM App Connect Operator - 12.0 LTS: 12.0.0 to 12.0.7
- IBM DataStage on Cloud Pak for Data - version 4.8.4
- IBM Jazz Foundation - version 7.0.2
- IBM Netcool Operations Insight - versions 1.4 to 1.4.12, 1.5 to 1.5.0.1 and 1.6 to 1.6.13
- IBM Observability with Instana (OnPrem) - versions 1.0.287 to 1.0.290
- IBM Qiskit SDK - versions 0.18.0 to 1.4.1
- IBM Total Storage Service Console (TSSC) / TS4500 IMC - versions 9.4.14, 9.4.21, 9.4.26, 9.4.31, 9.5.8, 9.6.10 and 9.6.15
- IBM watsonx Assistant Cartridge - versions 4.0 to 5.1.0
- IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component - versions 5.0 to 5.1.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1246 | Ubuntu Security Advisory. [Published Date: 2025-03-09]
[Id:2025.03.09.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1247 | IBM security advisory. [Published Date: 2025-03-09]
[Id:2025.03.09.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - GSDC Platform On-prem - version 3.6.2
- IBM Aspera Shares - versions 1.9.9 to 1.10.0 PL7
- IBM Engineering Requirements Management DOORS Next - versions 7.0.2, 7.0.3 and 7.1
- IBM Instana Observability - build 1.0.287
- ICP - Discovery - versions 4.0.0 to 4.8.7 and versions 5.0.0 to 5.1.0
- SPSS Collaboration and Deployment Services - version 8.5
- Watson Studio on Cloud Pak for Data - versions 4.0.0 to 4.8.6 and versions 5.0.0 to 5.0.3
- watsonx.data - version 2.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1248 | Red Hat Security Advisory. [Published Date: 2025-03-09]
[Id:2025.03.09.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1249 | Dell Security Advisory. [Published Date: 2025-03-09]
[Id:2025.03.09.004]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Data Protection Search - versions 19.6.0, 19.6.1, 19.6.2, 19.6.3, 19.6.4 and 19.6.5
- Dell Integrated Data Protection Appliance - version 2.7.8 and prior
- Dell Secure Connect Gateway - Appliance - version 5.26.00.20
- PowerStore 500T, 1000T, 1200 T, 3000T, 3200Q, 3200T, 5000T, 5200T, 7000T, 9000T and 9200T - versions prior to 4.0.1.2-2445526
- PowerStore 1000X, 3000X, 5000X, 7000X and 9000X - versions prior to ESXi70U3s-24585291
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1250 | Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide. [Published Date: 2025-03-06]
[Id:2025.03.06.001]
details...
This Microsoft Security blog post details a malvertising campaign that distributes information-stealing malware via GitHub. Attackers use deceptive ads to trick users into downloading malicious files. These files, hosted on GitHub, execute data theft operations once installed. Microsoft warns users to remain vigilant and avoid clicking on suspicious advertisements.
Review the Microsoft blog post and apply/do the recommended mitigations to protect and detect malicious activity. | Microsoft |
| 1251 | VMware Security Advisory. [Published Date: 2025-03-04]
[Id:2025.03.04.001]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware ESXi - versions 8.0 and 7.0
- VMware Workstation - version 17.x
- VMware Fusion - version 13.x
- VMware Cloud Foundation - versions 5.x and 4.5.x
- VMware Telco Cloud Platform - versions 5.x, 4.x, 3.x, 2.x
- VMware Telco Cloud Infrastructure - versions 3.x, 2.x
Review the following advisories and apply the necessary updates: | Vmware |
| 1252 | Mozilla Security Advisory. [Published Date: 2025-03-04]
[Id:2025.03.04.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox ESR - versions prior to 128.8
- Firefox ESR - versions prior to 115.21
- Firefox - versions prior to 136
Review the following advisories and apply the necessary updates: | Mozilla |
| 1253 | Google Chrome Security Advisory. [Published Date: 2025-03-04]
[Id:2025.03.04.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.35 for Linux and prior to 134.0.6998.35/36 for Windows and 134.0.6998.44/45 for Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1254 | Qualcomm Security Advisory - March 2025 monthly rollup. [Published Date: 2025-03-03]
[Id:2025.03.03.001]
details...
Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 1255 | Android security advisory - March 2025 Monthly Rollup. [Published Date: 2025-03-03]
[Id:2025.03.03.002]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1256 | Dell Security Advisory. [Published Date: 2025-03-02]
[Id:2025.03.02.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Networking OS10 - version 10.5.4.x
- Dell Policy Manager for Secure Connect Gateway - version 5.26.00.18
- Dell PowerScale OneFS - versions 9.4.0.0 to 9.5.1.1
- Dell PowerScale OneFS - versions 9.5.0.0 to 9.7.1.4
- Dell PowerScale OneFS - versions 9.8.0.0 to 9.9.0.1
- Integrated System for Microsoft Azure Stack Hub 14G - versions prior to 2407
- Integrated System for Microsoft Azure Stack Hub 14G - versions prior to 2411
- Integrated System for Microsoft Azure Stack Hub 16G - versions prior to 2411
- Dell PowerEdge R750XA - versions prior to 1.0
- Dell PowerEdge R7515 - versions prior to 1.0
- Dell PowerEdge R7525 - versions prior to 1.0
- Dell PowerEdge R760XA - versions prior to 1.0
- Dell PowerEdge R7615 - versions prior to 1.0
- Dell PowerEdge R7625 - versions prior to 1.0
- Dell PowerEdge XE9680 - versions prior to A00
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1257 | IBM security advisory. [Published Date: 2025-03-02]
[Id:2025.03.02.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM Cloud Pak for Business Automation - versions 24.0.1, V24.0.0 to V24.0.0 to IF003 and unsupported versions
- IBM Cognos Analytics - versions 11.2.0 to 11.2.4 FP5 and 12.0.0 to 12.0.4
- IBM Jazz Reporting Service - versions 7.0.2 and 7.0.3
- IBM Software Support App (iOS) - version 1.0.0
- IBM Software Support app (Android) - version 1.0.0
- IBM Storage Virtualize - multiple versions
- IBM TXSeries for Multiplatforms - versions 8.1, 8.2, 9.1 and 10.1
- IBM Watson Speech Services Cartridge - version 4.0.0 to 5.1.0
- IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5 and 5.0.0 to 5.1.0
- watsonx.data - versions 2.0.2 to 2.1.0 and 2.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1258 | Ubuntu Security Advisory. [Published Date: 2025-03-02]
[Id:2025.03.02.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1259 | GitLab Security Advisory. [Published Date: 2025-02-26]
[Id:2025.02.26.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.9.1, 17.8.4 and 17.7.6
- GitLab Enterprise Edition (EE) - versions prior to 17.9.1, 17.8.4 and 17.7.6
Review the provided GitLab Patch Release: 17.9.1, 17.8.4, 17.7.6, and perform the suggested mitigations. | Gitlab |
| 1260 | Google Chrome Security Advisory. [Published Date: 2025-02-25]
[Id:2025.02.25.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.141 for Linux and prior to 133.0.6943.141/142 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1261 | HPE Security Advisory. [Published Date: 2025-02-24]
[Id:2025.02.24.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - Console Clim Utilities T0697 - versions T0697H01^AAA and T0697H01^AAQ
- CLIM DVD Installation Software T0853 - versions T0853L03-T0853L03^DDA, T0989L03-T0989L03^DDA, T0976L03-T0976L03^DDA and T0853J03-T0853J03^CEE
- HPE Cray EX425 Compute Blade - versions prior to v1.7.6 (HFP 24.11.0)
Review the following HPE Security Advisory and apply the necessary updates: | HPE |
| 1262 | Ubuntu Security Advisory. [Published Date: 2025-02-23]
[Id:2025.02.23.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the following Ubuntu Security Advisory and apply the necessary updates: | Ubuntu |
| 1263 | IBM security advisory. [Published Date: 2025-02-23]
[Id:2025.02.23.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM Cognos Controller - versions 11.0.0 to 11.0.1 FP3
- IBM Controller - version 11.1.0
- IBM CP4MCM - versions 2.3 to 2.3 FP9
- IBM Data Virtualization on Cloud Pak for Data - multiple versions
- Maas360 Configuration Utility - versions 2.90.000 to 3.000.950
- Maas360 Mobile Enterprise Gateway - versions 2.90.000 to 3.000.800
- IBM Watson Query on Cloud Pak for Data - multiple versions
- Watson Studio on Cloud Pak for Data - Execution Engine for Apache Hadoop - version 5.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1264 | Dell Security Advisory. [Published Date: 2025-02-23]
[Id:2025.02.23.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Networking S5448F-ON - versions prior to 3.52.5.1-12
- Dell Networking Z9432F-ON - versions prior to 3.51.5.1-21
- Dell Networking Z9664F-ON - versions prior to 3.54.5.1-9
- Networker Management Console - versions 19.11 to 19.11.0.3 and versions prior to 19.10.0.7
- PowerPath Management Appliance - version 4.0 P02
- PowerStore 500T, 1000T, 1200T, 3000T, 3200Q, 3200T, 5000T, 5200T, 7000T, 9000T and 9200T - versions prior to 4.1.0.0-2435323
- RecoverPoint for Virtual Machines - versions 6.0 SP1, 6.0 SP1 P1 and 6.0 SP1 P2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1265 | Signal Apps Update. [Published Date: 2025-02-21]
[Id:2025.02.21.001]
details...
Signal updates containing hardened features to help protect against phishing campaigns affecting the following products: - Signal iOS - as of today, versions prior to 7.47 (latest version)
- Signal Android - as of today, versions prior to 7.33.2 (latest version)
Update Signal Apps when available. To do the update, please follow the following web link: | Signal |
| 1266 | Microsoft Edge Security Advisory. [Published Date: 2025-02-20]
[Id:2025.02.20.001]
details...
| Microsoft |
| 1267 | Critical Vulnerability (CVE-2018-19410) Exposes 600 PRTG Instances in Bangladesh. [Published Date: 2025-02-18]
[Id:2025.02.18.009]
details...
| BDNCIRT |
| 1268 | Critical Vulnerability (CVE-2018-19410) Exposes 600 PRTG Instances in Bangladesh [Published Date: 2025-02-18]
[Id:2025.02.18.001]
details...
As part of BGD e-GOV CIRT continuous efforts to monitor emerging threats and vulnerabilities that could compromise national security, our Cyber Threat Intelligence Unit has identified 600 vulnerable PRTG instances in Bangladesh affected by CVE-2018-19410-a critical-severity vulnerability. This.... | BDNCIRT |
| 1269 | OpenSSH Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.002]
details...
OpenSSH published a security advisory to address vulnerabilities in OpenSSH - versions 6.8p1 to 9.9p1.
Review the OpenSSH Release Note and apply the necessary updates. | Openssh |
| 1270 | Juniper Networks Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.003]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - Junos OS - multiple versions
- Junos OS Evolved - multiple versions
- Junos Space - versions prior to 24.1R2
Review the Juniper Networks Security - JSA94663 and apply the necessary updates. | Juniper |
| 1271 | Citrix Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.004]
details...
Citrix published security advisories to address vulnerabilities in the following products: - NetScaler Console 14.1 - versions prior to 14.1-38.53
- NetScaler Console 13.1 - versions prior to 13.1-56.18
- NetScaler Agent 14.1 - versions prior to 14.1-38.53
- NetScaler Agent 13.1 - versions prior 13.1-56.18
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1272 | Mozilla Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.005]
details...
Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 135.0.1.
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1273 | Google Chrome Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.006]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.126 for Linux and prior to 133.0.6943.126/127 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1274 | Atlassian Security Advisory. [Published Date: 2025-02-18]
[Id:2025.02.18.007]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1275 | CISA and Partners Release Advisory on Ghost (Cring) Ransomware. [Published Date: 2025-02-18]
[Id:2025.02.18.008]
details...
Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)- released a joint Cybersecurity Advisory, Ransomware: Ghost (Cring) Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, procedures (TTPs), and detection methods associated with Ghost ransomware activity identified through FBI investigations.
Ghost actors conduct these widespread attacks, targeting and compromising organizations with outdated versions of software and firmware on their internet facing services. These malicious ransomware actors are known to use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) where available patches have not been applied to gain access to internet facing servers. The known CVEs are CVE-2018-13379, CVE-2010-2861, CVE-2009-3960, CVE-2021-34473, CVE-2021-34523, CVE-2021-31207.
Review this joint advisory and apply the recommended mitigations to protect and detect malicious activity. | Cisa |
| 1276 | Ubuntu Security Advisory. [Published Date: 2025-02-16]
[Id:2025.02.16.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1277 | Dell Security Advisory. [Published Date: 2025-02-16]
[Id:2025.02.16.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Avamar NDMP Accelerator - multiple versions
- Dell Avamar Server Hardware Appliance Gen4T/Gen5A - multiple versions
- Dell Avamar Virtual Edition - multiple versions
- Dell Avamar VMware Image Proxy - multiple versions
- Dell Networker Virtual Edition (NVE) - multiple versions
- Dell Power Protect DP Series Appliance - version 2.7.8 and prior running on SLES12SP5
- PowerPath Management Appliance - version 4.0 P02
Review the following advisories and apply the necessary updates: | Dell |
| 1278 | Red Hat Security Advisory. [Published Date: 2025-02-16]
[Id:2025.02.16.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1279 | Microsoft Edge Security Advisory. [Published Date: 2025-02-14]
[Id:2025.02.14.001]
details...
| Microsoft |
| 1280 | PostgreSQL Security Advisory. [Published Date: 2025-02-13]
[Id:2025.02.13.001]
details...
| Postgresql |
| 1281 | Palo Alto Networks Security Advisory. [Published Date: 2025-02-12]
[Id:2025.02.12.001]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following: - PAN-OS 11.2 - versions prior to 11.2.4-h4
- PAN-OS 11.1 - versions prior to 11.1.6-h1
- PAN-OS 10.2 - versions prior to 10.2.13-h3
- PAN-OS 10.1 - versions prior to10.1.14-h9
Review the following advisories and apply the necessary updates: | Palo Alto Networks |
| 1282 | Google Chrome Security Advisory. [Published Date: 2025-02-12]
[Id:2025.02.12.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.98 for Linux and prior to 133.0.6943.98/.99 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1283 | GitLab Security Advisory. [Published Date: 2025-02-12]
[Id:2025.02.12.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.8.2, 17.7.4 and 17.6.5
- GitLab Enterprise Edition (EE) - versions prior to 17.8.2, 17.7.4 and 17.6.5
Review the provided GitLab Patch Release: 17.8.2, 17.7.4, 17.6.5, and perform the suggested mitigations. | Gitlab |
| 1284 | SAP security advisory - February 2025 monthly rollup. [Published Date: 2025-02-11]
[Id:2025.02.11.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Library - @sap/approuter - version 2.6.1 to 16.7.1
- SAP BusinessObjects Business Intelligence platform (Central Management Console) - versions ENTERPRISE 430 and 2025
- SAP Enterprise Project Connection - version 3.0
- SAP NetWeaver AS Java (User Admin Application) Version - version 7.50
- SAP Supplier Relationship Management (Master Data Management Catalog) - version SRM_MDM_CAT 7.52
Review the SAP Security Patch Day - February 2025 and apply the necessary updates. | SAP |
| 1285 | Ivanti Security Advisory. [Published Date: 2025-02-11]
[Id:2025.02.11.002]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Connect Secure (ICS) - version 22.7R2.5 and prior
- Ivanti CSA - version 5.0.4 and prior
- Ivanti Policy Secure (IPS) - version 22.7R1.2 and prior
- Ivanti Secure Access Client (ISAC) - version 22.7R4 and prior
Review the following advisories and apply the necessary updates: | Ivanti |
| 1286 | Fortinet Security Advisory. [Published Date: 2025-02-11]
[Id:2025.02.11.003]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiOS 7.6 - version 7.6.0
- FortiOS 7.4 - versions 7.4.0 to 7.4.4
- FortiOS 7.2 - versions 7.2.0 to 7.2.9 and versions 7.2.4 to 7.2.8
- FortiOS 7.0 - versions 7.0.0 to 7.0.15
- FortiOS 6.4 - all versions
- FortiPortal 7.4 - version 7.4.0 to 7.4.2
- FortiPortal 7.2 - version 7.2.0 to 7.2.6
- FortiPortal 7.0 - version 7.0.0 to 7.0.11
Review the following advisories and apply the necessary updates: | Fortinet |
| 1287 | Microsoft February 2025 monthly Security Updates rollup. [Published Date: 2025-02-11]
[Id:2025.02.11.004]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - System Center 2019, 2022 and 2025
- Microsoft 365 Apps - multiple versions and platforms
- Microsoft Azure - multiple versions and platforms
- Microsoft Dynamics 365 Sales
- Microsoft Excel 2016 - version 16.0.5487.1000
- Microsoft Office - multiple versions and platforms
- Microsoft SharePoint - multiple versions and platforms
- Microsoft Visual Studio - multiple versions
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1288 | Adobe Security Advisory. [Published Date: 2025-02-11]
[Id:2025.02.11.005]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe Commerce - multiple versions
- Adobe Commerce B2B - multiple versions
- Adobe Illustrator 2024 - version 28.73 and prior
- Adobe Illustrator 2025 - version 29.1 and prior
- Adobe InCopy - version 19.5.1 and prior, version 20.0 and prior
- Adobe InDesign - version ID19.5.2 and prior, version ID20.1 and prior
- Adobe Magento Open Source - multiple versions
- Adobe Substance 3D Designer - version 14.0.2 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1289 | HPE security advisory [Published Date: 2025-02-11]
[Id:2025.02.11.006]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE ProLiant DL145 Gen11 - versions prior to v1.30_10-04-2024
- HPE ProLiant DL325 Gen10 Plus server - versions prior to v3.40_10-04-2024
- HPE ProLiant DL325 Gen10 Plus v2 server - versions prior to 3.40_10-04-2024
- HPE ProLiant DL325 Gen10 Server - versions prior to 3.30_10-04-2024
- HPE ProLiant DL325 Gen11 Server - versions prior to v1.70_09-06-2024
- HPE ProLiant DL345 Gen10 Plus server - versions prior to 3.40_10-04-2024
- HPE ProLiant DL345 Gen11 Server - versions prior to v1.70_09-06-2024
- HPE ProLiant DL365 Gen10 Plus server - versions prior to 3.40_10-04-2024
- HPE ProLiant DL365 Gen11 Server - versions prior to v1.70_09-06-2024
- HPE ProLiant DL385 Gen10 Plus server - versions prior to 3.40_10-04-2024
- HPE ProLiant DL385 Gen10 Plus v2 server - versions prior to 3.40_10-04-2024
- HPE ProLiant DL385 Gen10 Server - versions prior to 3.30_10-04-2024
- HPE ProLiant DL385 Gen11 Server - versions prior to v1.70_09-06-2024
- HPE ProLiant XL225n Gen10 Plus 1U Node - versions prior to 3.40_10-04-2024
- HPE ProLiant XL645d Gen10 Plus Server - versions prior to 3.40_10-04-2024
- HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.40_10-04-2024
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1290 | Intel Security Advisory. [Published Date: 2025-02-11]
[Id:2025.02.11.007]
details...
Intel published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Intel® RealSense™ Advisory
- Intel® MLC Software Advisory
- BIOS and System Firmware Update Package Advisory
- Intel® 800 Series Ethernet Driver Software
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 1291 | Apple Security Advisory. [Published Date: 2025-02-10]
[Id:2025.02.10.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18.3.1
- iPadOS - versions prior to 17.7.5
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1292 | IBM security advisory. [Published Date: 2025-02-09]
[Id:2025.02.09.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - CP4NA - version 2.7.6
- GDSC Platform On-prem - version 3.6.1
- IBM Asset Data Dictionary Component - version 1.1
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
- IBM Cloud Pak System - multiple versions
- IBM dashDB Local - version 11.5.8.0 to refresh 8
- IBM Observability with Instana (OnPrem) - build 281-287
- IBM Security QRadar EDR - version 3.12
- IBM QRadar Suite Software - version 1.10.12.0 to 1.10.24.0
- IBM watsonx.data - version 1.0.0 to 2.0.0
- PUB - version 7.0.2 and 7.0.3
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1293 | Ubuntu Security Advisory. [Published Date: 2025-02-09]
[Id:2025.02.09.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 24.10
Review the following Ubuntu Security Advisory and apply the necessary updates: | Ubuntu |
| 1294 | Dell Security Advisory. [Published Date: 2025-02-09]
[Id:2025.02.09.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Avamar Data Store Gen5A, Gen4T - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10 SP1
- Dell Avamar Virtual Edition - multiple versions and platforms
- Dell Protection Advisor - versions 19.9, 19.10 and 19.11
- Dell VxRail Appliance - versions 0.000 to 8.0.320
Review the following advisories and apply the necessary updates: | Dell |
| 1295 | IBM security advisory. [Published Date: 2025-02-09]
[Id:2025.02.09.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM App Connect Enterprise Certified Container - multiple versions
- IBM Operational Decision Manager - versions 8.11.0.1, 8.11.1.0, 8.12.0.1 and 9.0.0.1
- IBM QRadar Deployment Intelligence App - version 1.0.0 to 3.0.15
- IBM Watson Assistant for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.7
- IBM Watson Studio on Cloud Pak for Data - Execution Engine for Apache Hadoop - version 5.0
- IBM watsonx.data - versions 1.1.0 to 2.1.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1296 | Microsoft Edge Security Advisory. [Published Date: 2025-02-06]
[Id:2025.02.06.001]
details...
| Microsoft |
| 1297 | Cisco Security Advisory. [Published Date: 2025-02-05]
[Id:2025.02.05.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco IOS - versions 15.2E, 15.5SY and 15.9M
- Cisco IOS XE - versions 3.11E, 16.12, 17.9, 17.12 and 17.15
- Cisco IOS XR - versions 24.2 and prior, 24.3, 24.4 and 25.2
- Cisco Identity Services Engine (ISE) - versions 3.0, 3.1, 3.2 and 3.3
Review the following Cisco Security Advisory and apply the necessary updates | Cisco |
| 1298 | F5 Security Advisory. [Published Date: 2025-02-05]
[Id:2025.02.05.002]
details...
F5 published Quarterly Security Notifications for multiple products. Included were updates for the following: - BIG-IP (all modules) - multiple versions
- BIG-IP Next SPK - multiple versions
- BIG-IP (PEM) - multiple versions
- BIG-IP (ASM) - multiple versions
- BIG-IP (APM) - versions 16.1.3 to 16.1.4
- BIG-IP (AFM) - multiple versions
- BIG-IP Next CNF - versions 1.1.0 to 1.3.3
Review the F5 Security Advisories and apply the necessary updates. | F5 |
| 1299 | Veeam Security Advisory. [Published Date: 2025-02-04]
[Id:2025.02.04.001]
details...
Veeam published security advisories to address vulnerabilities in the following products: - Veeam Backup & Replication - version 12.2.0.334 and prior
- Veeam Service Provider Console - version 8.1.0.21377 and prior
Review the Veeam Security Advisory and apply the necessary updates. | Veeam |
| 1300 | HPE Security Advisory. [Published Date: 2025-02-04]
[Id:2025.02.04.002]
details...
HPE published a security advisory to address vulnerabilities in HPE Aruba Networking ClearPass Policy Manager - 6.12.x versions prior to 6.12.3 and 6.11.x versions prior to 6.11.9.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1301 | Mozilla Security Advisory. [Published Date: 2025-02-04]
[Id:2025.02.04.003]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 135
- Thunderbird ESR - versions prior to 128.7
- Firefox ESR - versions prior to 128.7
- Firefox ESR - versions prior to 115.20
- Firefox - versions prior to 135
Review the Mozilla Security Advisories and apply the necessary updates. | Mozilla |
| 1302 | Google Chrome Security Advisory. [Published Date: 2025-02-04]
[Id:2025.02.04.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.53 for Linux and prior to 33.0.6943.53/54 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1303 | Android security advisory - February 2025 Monthly Rollup. [Published Date: 2025-02-03]
[Id:2025.02.03.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1304 | Qualcomm Security Advisory - February 2025 monthly rollup. [Published Date: 2025-02-03]
[Id:2025.02.03.002]
details...
Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 1305 | Dell Security Advisory. [Published Date: 2025-02-02]
[Id:2025.02.02.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Data Protection Central - versions prior to 19.10
- Dell Enterprise SONiC Distribution - versions prior to 4.4.1 and 4.2.3
- Dell NetWorker Virtual Edition - multiple versions
- Dell NetWorker - multiple versions
- Dell PowerProtect DD - multiple versions
- Dell PowerStore X OS - versions prior to 3.2.1.5-2424458
- Dell VxRail Appliance - versions 7.0.000 to 7.0.533
- PowerProtect DP Series Appliances - versions prior to 2.7.8
- PowerProtect Data Protection Software - versions prior to 2.7.8
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1306 | IBM Security Advisory. [Published Date: 2025-02-02]
[Id:2025.02.02.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM CP4MCM - version 2.3 to 2.3 FP9
- IBM Db2 Warehouse on Cloud Pak for Data - multiple versions
- IBM Planning Analytics Local - IBM Planning Analytics Workspace - versions 2.1 and 2.0
- IBM Tivoli Network Manager IP Edition - version 4.2 GA to 4.2.0.20
- IBM Watson Speech Services Cartridge - version 4.0.0 to 4.8.7
- IBM® Db2® on Cloud Pak for Data - multiple versions
- ICP - Discovery - versions 4.0.0 to 4.8.7 and 5.0.0 to 5.0.3
- InfoSphere Information Server - version 11.7
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1307 | Ubuntu Security Advisory. [Published Date: 2025-02-02]
[Id:2025.02.02.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1308 | VMware Security Advisory. [Published Date: 2025-01-29]
[Id:2025.01.29.001]
details...
VMware released a security advisory to address multiple vulnerabilities in VMWare Avi Load Balancer - versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2.
Review VMware security advisory VMware VMSA-2025-002 and apply the necessary updates. | Vmware |
| 1309 | ISC BIND Security Advisory. [Published Date: 2025-01-29]
[Id:2025.01.29.002]
details...
ISC released a security advisory to address ISC BIND 9 - versions 9.11.0 to 9.11.37, 9.16.0 to 9.16.50, 9.18.0 to 9.18.32, 9.20.0 to 9.20.4 and 9.21.0 to 9.21.3.
Review the following advisories and apply the necessary updates: | ISC |
| 1310 | Ubuntu Security Advisory. [Published Date: 2025-01-28]
[Id:2025.01.28.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1311 | TeamViewer Security Advisory. [Published Date: 2025-01-28]
[Id:2025.01.28.002]
details...
| Teamviewer |
| 1312 | Apple Security Advisory. [Published Date: 2025-01-27]
[Id:2025.01.27.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18.3
- iOS iPadOS - versions prior to 17.7.4
- macOS Sequoia - versions prior to 15.3
- macOS Sonoma - versions prior to 14.7.3
- macOS Ventura - versions prior to 13.7.3
- Safari - versions prior to 18.3
- tvOS - versions prior to 18.3
- watchOS - versions prior to 11.3
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1313 | Red Hat Security Advisory. [Published Date: 2025-01-26]
[Id:2025.01.26.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1314 | Red Hat Security Advisory. [Published Date: 2025-01-26]
[Id:2025.01.26.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1315 | IBM Security Advisory. [Published Date: 2025-01-26]
[Id:2025.01.26.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.9 and versions 13.0.1.0 to 13.0.2.0
- IBM Observability with Instana (OnPrem) - versions 281 to 287
- IBM Engineering Lifecycle Optimization - PUB - versions 7.0.2 and 7.0.3
- IBM Storage Copy Data Management - versions 2.2.0.0 to 2.2.24.1
Review the following advisories and apply the necessary updates: | IBM |
| 1316 | GitHub Security Advisory. [Published Date: 2025-01-26]
[Id:2025.01.26.004]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitHub Enterprise Server - versions 3.15.x prior to 3.15.2
- GitHub Enterprise Server - versions 3.14.x prior to 3.14.7
- GitHub Enterprise Server - versions 3.13.x prior to 3.13.10
- GitHub Enterprise Server - versions 3.12.x prior to 3.12.14
Review the following advisories and apply the necessary updates: | Github |
| 1317 | Juniper Networks Security Advisory. [Published Date: 2025-01-24]
[Id:2025.01.24.001]
details...
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics - versions prior to 7.5.0 UP10 IF02.
Review the Juniper Networks Security Advisories - JSA82681 and apply the necessary updates. | Juniper |
| 1318 | SonicWall Security Advisory. [Published Date: 2025-01-23]
[Id:2025.01.23.001]
details...
SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - SonicWall Gen6 Hardware Firewalls - multiple models and version 6.5.4.15-117n and prior
- SonicWall Gen7 Firewalls - multiple models and versions
- SonicWall Gen7 NSv - multiple models and versions
- SonicWall Gen7 Cloud Platform NSv - multiple models and versions
- SonicWall TZ80 - version 8.0.0-8035
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1319 | Atlassian Security Advisory. [Published Date: 2025-01-23]
[Id:2025.01.23.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1320 | Cisco Security Advisory. [Published Date: 2025-01-22]
[Id:2025.01.22.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco BroadWorks - versions prior to RI.2024.11
- Cisco Meeting Management - versions prior to 3.9.1
Review the following Cisco Security Advisory and apply the necessary updates | Cisco |
| 1321 | Jenkins Security Advisory. [Published Date: 2025-01-22]
[Id:2025.01.22.002]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Azure Service Fabric Plugin - version 1.6 and prior
- Bitbucket Server Integration Plugin - version 4.1.3 and prior
- Eiffel Broadcaster Plugin - version 2.10.2 and prior
- Folder-based Authorization Strategy Plugin - version 17.vd5b_18537403e and prior
- GitLab Plugin - version 1.9.6 and prior
- OpenId Connect Authentication Plugin - version 4.452.v2849b_d3945fa_ and prior
- Zoom Plugin - up to and including 1.5
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1322 | GitLab Security Advisory. [Published Date: 2025-01-22]
[Id:2025.01.22.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.8.1, 17.7.3 and 17.6.4
- GitLab Enterprise Edition (EE) - versions prior to 17.8.1, 17.7.3 and 17.6.4
Review the provided GitLab Patch Release: 17.8.1, 17.7.3, 17.6.4, and perform the suggested mitigations. | Gitlab |
| 1323 | Oracle Security Advisory - January 2025. [Published Date: 2025-01-21]
[Id:2025.01.21.001]
details...
Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following: - Oracle Analytics
- Oracle Communications Applications
- Oracle Database Server
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Financial Services Applications
- Oracle Fusion Middleware
- Oracle GoldenGate
- Oracle Hospitality Applications
- Oracle JD Edwards
- Oracle MySQL
- Oracle PeopleSoft
- Oracle Retail applications
- Oracle Secure Backup
- Oracle Supply Chain Products
- Oracle Utilities Applications
Review Oracle Critical Patch Update Advisory - January 2025 and apply the necessary updates. | Oracle |
| 1324 | Dell Security Advisory. [Published Date: 2025-01-19]
[Id:2025.01.19.001]
details...
Dell published security advisories to address vulnerabilities in the Dell Open Manage Network Integration - versions prior to 3.7.
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1325 | IBM Security Advisory. [Published Date: 2025-01-19]
[Id:2025.01.19.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Maximo Application Suite - versions 8.10, 8.11 and 9.0
- IBM Maximo Application Suite IoT Component - versions 8.7, 8.8 and 9.0
- IBM Watson CP4D Data Stores - versions 4.0.0 to 5.0.3
Review the following advisories and apply the necessary updates: | IBM |
| 1326 | Ubuntu Security Advisory. [Published Date: 2025-01-19]
[Id:2025.01.19.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting Ubuntu 18.04 ESM.
Review the following Ubuntu Security Advisory and apply the necessary updates. | Ubuntu |
| 1327 | HPE Security Advisory. [Published Date: 2025-01-17]
[Id:2025.01.17.001]
details...
HPE published a security advisory to address vulnerabilities in HP-UX Apache-based Web Server - versions prior to B.2.4.62.00.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1328 | SAP Security Advisory - January 2025 Monthly Rollup. [Published Date: 2025-01-14]
[Id:2025.01.14.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 420, 430 and 2025
- SAP NetWeaver Application Server ABAP and ABAP Platform - multiple versions
- SAP NetWeaver AS for ABAP and ABAP Platform - multiple versions
- SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Platform) - multiple versions
- SAPSetup - version LMSAPSETUP 9.0
Review the SAP Security Patch Day - January 2025 and apply the necessary updates. | SAP |
| 1329 | Fortinet Security Advisory. [Published Date: 2025-01-14]
[Id:2025.01.14.002]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiAnalyzer Cloud 7.4 - versions 7.4.1 to 7.4.3
- FortiAnalyzer - multiple versions
- FortiManager - multiple versions
- FortiManager Cloud - versions 7.4.1 to 7.4.3
- FortiOS - multiple versions
- FortiProxy - multiple versions
- FortiSandbox - multiple versions
- FortiSwitch - multiple versions
Review the following advisories and apply the necessary updates: | Fortinet |
| 1330 | Microsoft January 2025 Security Updates. [Published Date: 2025-01-14]
[Id:2025.01.14.003]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - System Center 2019, 2022 and 2025
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
- .NET - version 8.0
- .NET - version 9.0
- Marketplace SaaS
- Microsoft 365 Apps for Enterprise - multiple versions and platforms
- Microsoft Access 2016
- Microsoft Defender for Endpoint
- Microsoft Edge
- Microsoft Excel 2016
- Microsoft/Muzic
- Microsoft Office - multiple versions and platforms
- Microsoft Project 2016 - multiple versions and platforms
- Microsoft Purview
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server Subscription Edition
- Microsoft SharePoint Server 2019
- Microsoft Update Catalog
- Microsoft Visual Studio - multiple versions
- Microsoft Word 2016
- Office Online Server
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1331 | Adobe Security Advisory. [Published Date: 2025-01-14]
[Id:2025.01.14.004]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Photoshop 2025 26.1 and earlier versions
- Photoshop 2024 25.12 and earlier versions
- Adobe Substance 3D Stager 3.0.4 and earlier versions
- Adobe Illustrator on iPad 3.0.7 and earlier versions
- Adobe Animate 2023 23.0.9 and earlier versions
- Adobe Animate 2024 24.0.6 and earlier versions
- Adobe Substance 3D Designer 14.0 and earlier versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1332 | Ivanti Security Advisory. [Published Date: 2025-01-14]
[Id:2025.01.14.005]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Avalanche - versions prior to 6.4.7
- Ivanti Application Control - versions prior to 2024.3 HF1, 2024.1 HF4 and 2023.3 HF3
- Ivanti Endpoint Manager - versions prior to EPM 2024 January-2025 Security Update, EPM 2022 SU6 January-2025 Security Update
- Ivanti Security Controls - versions prior to 2024
Review the following advisories and apply the necessary updates: | Ivanti |
| 1333 | Emerging Phishing Attack on the Cyber Space of Bangladesh. [Published Date: 2025-01-12]
[Id:2025.01.12.006]
details...
| BDNCIRT |
| 1334 | IBM Security Advisory. [Published Date: 2025-01-12]
[Id:2025.01.12.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products - IBM Cloud APM, Base Private - versions 8.1.4.0 to 8.1.4.0 IF16
- IBM Cloud APM, Advanced Private - versions 8.1.4.0 to 8.1.4.0 IF16
- IBM Cognos Analytics - versions 12.0.0 t0 12.03, 11.2.0 to 11.2.4 FP4
- IBM Engineering Requirements Management DOORS Next - versions 7.02 and 7.03
- IBM Jazz Foundation - versions 7.02, 7.03 and 7.1.0
- IBM Jazz Reporting Service - versions 7.02 and 7.03
- IBM Netezza for Cloud Pak for Data (on Cloud) - versions prior to 11.2.3.3
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP10
- IBM Spectrum Protect Plus - versions 10.1.0 to 10.1.16.3
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1335 | Ubuntu Security Advisory. [Published Date: 2025-01-12]
[Id:2025.01.12.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1336 | Dell Security Advisory. [Published Date: 2025-01-12]
[Id:2025.01.12.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Networking SmartFabric Storage Sofware - versions prior to 1.4.3
- Dell VxRail Appliance - versions 8.0.000 to 8.0.311
Review the following advisories and apply the necessary updates: | Dell |
| 1337 | Red Hat Security Advisory. [Published Date: 2025-01-12]
[Id:2025.01.12.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1338 | Emerging Phishing Attack on Cyber Space of Bangladesh [Published Date: 2025-01-12]
[Id:2025.01.12.005]
details...
TLP: CLEAR Distribution: Public Type of Threat: Phishing E-Mail Date: 12 January 2025 Executive Summary Recently, we have observed a surge in phishing attacks targeting various government organizations, law enforcement agencies, educational institutions, and others, with the attacks spreading further through compromised accounts. This campaign is targeted to steal sensitive information by impersonating official entities and leveraging malicious attachments and links. This advisory provides details... | BDNCIRT |
| 1339 | Juniper Networks Security Advisory. [Published Date: 2025-01-08]
[Id:2025.01.08.001]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - Junos OS - multiple versions
- Junos OS Evolved - multiple versions
- Junos Space - versions prior to 24.1R2
Review the following advisories and apply the necessary updates: | Juniper |
| 1340 | Ivanti Security Advisory. [Published Date: 2025-01-08]
[Id:2025.01.08.002]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Connect Secure - versions prior to 22.7R2.5 and versions 9.1R18.9 and prior
- Ivanti Policy Secure - versions prior to 22.7R1.2
- Ivanti Neurons for ZTA Gateways - versions prior to 22.7R2.3
Review the Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways and apply the necessary updates. | Ivanti |
| 1341 | Palo Alto Networks Security Advisory. [Published Date: 2025-01-08]
[Id:2025.01.08.003]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Expedition 1 migration tool - versions prior to 1.2.101.
Review the Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1342 | SonicWall Security Advisory. [Published Date: 2025-01-07]
[Id:2025.01.07.001]
details...
SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - SonicWall Gen6 Hardware Firewalls - multiple models and version 6.5.4.15-117n and prior
- SonicWall Gen7 Firewalls - multiple models and versions
- SonicWall Gen7 NSv - multiple models and versions
- SonicWall Gen7 Cloud Platform NSv - multiple models and versions
- SonicWall TZ80 - version 8.0.0-8035
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1343 | HPE Security Advisory [Published Date: 2025-01-06]
[Id:2025.01.06.001]
details...
HPE published a security advisory to address vulnerabilities in Brocade Fabric OS - multiple versions. Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1344 | Android security advisory - January 2025 Monthly Rollup. [Published Date: 2025-01-06]
[Id:2025.01.06.002]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1345 | Dell Security Advisory. [Published Date: 2025-01-05]
[Id:2025.01.05.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Apache Tomcat on Dell OpenManage Server Administrator - versions prior to 11.1.0.0
- Apache Tomcat on Dell Systems Management Tools and Documentation DVD ISO - versions prior to 11.1.0.0
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1346 | IBM Security Advisory. [Published Date: 2024-12-29]
[Id:2024.12.29.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Content Collector for SAP Applications - version 4.0.0
- IBM Security QRadar Log Management AQL Plugin - version 1.0 to 1.1
Review the following advisories and apply the necessary updates: | IBM |
| 1347 | IBM Security Advisory. [Published Date: 2024-12-29]
[Id:2024.12.29.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - API Big SQL on IBM Cloud Pak for Data - versions IBM Big SQL 7.2, IBM Big SQL 7.3, IBM Big SQL 7.4 and IBM Big SQL 7.5
- IBM Maximo Application Suite - Monitor Component - versions 8.10.14, 8.11.12 and 9.0.4
- IBM® Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - versions v3.5 through refresh 10, v4.0 through refresh 9, v4.5 through refresh 3, v4.6 through refresh 6, v4.7 through refresh 4, v4.8 through refresh 6, v5.0 through refresh 2 and v5.0 through
- refresh 3
Review the following advisories and apply the necessary updates: | IBM |
| 1348 | Palo Alto Networks Security Advisory. [Published Date: 2024-12-26]
[Id:2024.12.26.001]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following: - PAN-OS 11.2 - versions prior to 11.2.3
- PAN-OS 11.1 - versions prior to 11.1.5
- PAN-OS 10.2 - versions 10.2.8 and later, versions prior to 10.2.10-h2 and versions prior to 10.2.13.h2
- PAN-OS 10.1 - versions 10.1.14 and later, versions prior to 10.1.14-h8
- Prisma Access - versions 10.2.8 on PAN-OS and later, versions prior to 11.2.3 on PAN-OS
Review the following advisories and apply the necessary updates: | Palo Alto Networks |
| 1349 | Apache Security Advisory. [Published Date: 2024-12-26]
[Id:2024.12.26.002]
details...
Apache published a security advisory to address vulnerabilities in the following products: - Apache MINA - versions 2.0.x prior to 2.0.27
- Apache MINA - versions 2.1.x prior to 2.1.10
- Apache MINA - versions 2.2.x prior to 2.2.4
- Apache Traffic Control - version 8.0.0 to 8.0.1
Review the following advisories and apply the necessary updates: | Apache |
| 1350 | Ubuntu Security Advisory. [Published Date: 2024-12-23]
[Id:2024.12.23.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 24.10
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1351 | IBM Security Advisory. [Published Date: 2024-12-23]
[Id:2024.12.23.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - API Connect - version V10.0.0 to V10.0.8
- IBM Asset Data Dictionary Component - version 1.1
- IBM Cognos Analytics - versions 11.2.0 to 11.2.4 FP4 and 12.0.0 to 12.0.3
- IBM Planning Analytics - versions 2.0 and 2.1
- IBM Planning Analytics Local - IBM Planning Analytics Workspace - versions 2.0 and 2.1
- IBM Watson Assistant for IBM Cloud Pak for Data - version 4.0.0 to 5.0.3
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1352 | BeyondTrust Security Advisory. [Published Date: 2024-12-19]
[Id:2024.12.19.001]
details...
BeyondTrust published a security advisory to address vulnerabilities in the following products: - Privileged Remote Access (PRA) - versions 24.3.1 and prior
- Remote Support (RS) - versions 24.3.1 and prior
Review the following advisories and apply the necessary updates: | Beyondtrust |
| 1353 | Sophos Security Advisory. [Published Date: 2024-12-19]
[Id:2024.12.19.002]
details...
Sophos has released security updates to address vulnerabilities in Sophos Firewall v21.0 GA (21.0.0) and older.
Review Sophos's Security Update and apply the necessary updates. | Sophos |
| 1354 | Fortinet security advisory. [Published Date: 2024-12-18]
[Id:2024.12.18.001]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiClientLinux 7.4 - versions 7.4.0 to 7.4.2
- FortiClientLinux 7.2 - versions 7.2.0 to 7.2.7
- FortiClientLinux 7.0 - versions 7.0.0 to 7.0.13
- FortiClientWindows 7.4 - versions 7.4.0 to 7.4.1
- FortiClientWindows 7.2 - versions 7.2.0 to 7.2.6
- FortiClientWindows 7.0 - versions 7.0.0 to 7.0.13
- FortiManager 7.6 - version 7.6.0
- FortiManager 7.4 - versions 7.4.0 to 7.4.4 and versions Cloud 7.4.1 to 7.4.4
- FortiManager 7.2 - versions 7.2.3 to 7.2.7 and versions Cloud 7.2.1 to 7.2.7
- FortiManager 7.0 - version 7.0.5 to 7.0.12 and versions Cloud 7.0.1 to 7.0.12
- FortiManager 6.4 - versions 6.4.10 to 6.4.14
- FortiWLM 8.6 - versions 8.6.0 to 8.6.5
- FortiWLM 8.5 - versions 8.5.0 to 8.5.4
Review the following advisories and apply the necessary updates: | Fortinet |
| 1355 | Google Chrome Security Advisory. [Published Date: 2024-12-18]
[Id:2024.12.18.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 131.0.6778.204 for Linux and prior to 131.0.6778.204/.205 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1356 | Foxit Security Advisory. [Published Date: 2024-12-17]
[Id:2024.12.17.001]
details...
Foxit published security advisories to address vulnerabilities in the following products: - Foxit PDF Editor (Windows) - multiple versions
- Foxit PDF Editor for Mac - multiple versions
- Foxit PDF Reader (Windows) - version 2024.3.0.26795 and prior
- Foxit PDF Reader for Mac - version 2024.3.0.65538 and prior
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 1357 | Apache Security Advisory. [Published Date: 2024-12-17]
[Id:2024.12.17.002]
details...
Apache published a security advisory to address vulnerabilities in the following products: - Apache Tomcat - versions 11.0.0-M1 to 11.0.1
- Apache Tomcat - versions 10.1.0-M1 to 10.1.33
- Apache Tomcat - versions 9.0.0.M1 to 9.0.97
Review the following advisories and apply the necessary updates: | Apache |
| 1358 | Ubuntu Security Advisory. [Published Date: 2024-12-15]
[Id:2024.12.15.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1359 | IBM Security Advisory. [Published Date: 2024-12-15]
[Id:2024.12.15.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM App Connect Enterprise - versions 13.0.1.0 to 13.0.1.1, versions 12.0.1.0 to 12.0.12.8
- IBM Cloud Pak for AIOps - versions 4.1.0 to 4.7.1
- IBM Cognos Dashboards on Cloud Pak for Data - versions 5.0.0 and 4.8.0
- IBM Guardium Data Security Center - version 3.4.1
- IBM Operations Analytics - Log Analysis - version 1.3.8.0
- IBM Process Mining - versions 1.15.0 IF004, 1.15.0 IF003, 1.15.0 IF002, 1.15.0 IF001 and 1.15.0
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP10 IF01
- QRadar Incident Forensics - versions 7.5 to 7.5.0 UP10 IF01
- IBM Security QRadar Log Management AQL Plugin - version 1.0.0
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - versions 4.0.0 to 5.0.3
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1360 | Dell Security Advisory. [Published Date: 2024-12-15]
[Id:2024.12.15.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.02.02.00
- Avamar Data Store Gen5A, Gen4T - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10SP1
- Avamar Server - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10SP1
- Data Lakehouse Bundle - versions prior to 1.2.0.0
- Cloud Tiering Appliance CTA, CTA-HA, CTA/VE and CTA-HA/VE - versions prior to 13.2.0.2.32
- Connectrix B-Series FOS - multiple versions
- InsightIQ Installation Package - versions prior to 5.1.1
- PowerFlex appliance IC - versions prior to IC 46.376.00 and versions prior to IC 46.381.00
- PowerFlex rack RCM - versions prior to 3.8.1.0 and versions prior to 3.7.6.0
- PowerFlex Manager - versions prior to 4.6.1.0
- RecoverPoint for Virtual Machines - versions 6.0 SP1 and 6.0 SP1 P1
- VxRail VxVerify - versions prior to x.40.405
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1361 | Ivanti Security Advisory. [Published Date: 2024-12-12]
[Id:2024.12.12.001]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Application Control - versions 2024.3, 2024.1 and 2023.3
- Ivanti Automation - version 2024.4 and prior
- Ivanti Performance Manager - versions 2024.3, 2024.1 and 2023.3
- Ivanti Security Control - versions 2024 and prior
- Ivanti Workspace Control - versions 10.18.30.0 and prior
Review the following advisories and apply the necessary updates: | Ivanti |
| 1362 | Microsoft Edge Security Advisory. [Published Date: 2024-12-12]
[Id:2024.12.12.002]
details...
| Microsoft |
| 1363 | HPE Security Advisory. [Published Date: 2024-12-12]
[Id:2024.12.12.003]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Service Director - versions prior to v5.1.2
- HPE SimpliVity 325 Gen10 - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 325 Gen10 Plus - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 325 Gen11 - versions prior to HPE SimpliVity Gen11 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 380 Gen11 - versions prior to HPE SimpliVity Gen11 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 380 Gen10 - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 380 Gen10 G - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 380 Gen10 H - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 190r Gen10 Server - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 170r Gen10 Server - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
- HPE SimpliVity 380 Gen10 Plus - versions prior to HPE SimpliVity Gen10 Support Pack (SVTSP) v2024_1129
Review the following advisories and apply the necessary updates: | HPE |
| 1364 | GitHub Security Advisory. [Published Date: 2024-12-11]
[Id:2024.12.11.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.6.2, 17.5.4 and 17.4.6
- GitLab Enterprise Edition (EE) - versions prior to 17.6.2, 17.5.4 and 17.4.6
Review the provided GitLab Patch Release: 17.6.2, 17.5.4, 17.4.6, and perform the suggested mitigations. | Gitlab |
| 1365 | Apple Security Advisory. [Published Date: 2024-12-11]
[Id:2024.12.11.002]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18.2
- iOS iPadOS - versions prior to 17.7.3
- macOS Sequoia - versions prior to 15.2
- macOS Sonoma - versions prior to 14.7.2
- macOS Ventura - versions prior to 13.7.2
- watchOS 11.2 - versions prior to 11.2
- tvOS - versions prior to 18.2
- Safari - versions prior to 18.2
- visionOS - versions prior to 2.2
Review the following advisories and apply the necessary updates: | Apple |
| 1366 | Drupal Security Advisory. [Published Date: 2024-12-11]
[Id:2024.12.11.003]
details...
Drupal published security advisories to address vulnerabilities in Drupal Login Disable - versions 2.0.0 prior to 2.1.1 .
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1367 | Mozilla Security Advisory. [Published Date: 2024-12-11]
[Id:2024.12.11.004]
details...
Mozilla published security advisories to address vulnerabilities Firefox ESR - versions prior to 115.18.
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1368 | Google Chrome Security Advisory. [Published Date: 2024-12-10]
[Id:2024.12.10.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 131.0.6778.139 for Linux and prior to 131.0.6778.139/.140 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1369 | Adobe Security Advisory. [Published Date: 2024-12-10]
[Id:2024.12.10.002]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe FrameMaker 2020 Release Update 7 and earlier
- Adobe FrameMaker 2022 Release Update 5 and earlier
- Adobe Substance 3D Painter 10.1.1 and earlier versions
- Adobe Premiere Pro 25.0 and earlier versions
- Adobe Premiere Pro 24.6.3 and earlier versions
- Adobe Bridge 14.1.3 and earlier versions
- Adobe Bridge 15.0 and earlier versions
- Adobe Substance 3D Modeler 1.14.1 and earlier versions
- Photoshop 2025 26.0 and earlier versions
- Adobe Substance 3D Sampler 4.5.1 and earlier versions
- Adobe Connect 12.6 and earlier versions
- Adobe Connect 11.4.7 and earlier versions
- Adobe PDFL Software Development Kit (SDK) PDFL SDK 21.0.0.5 and earlier versions
- Adobe InDesign ID19.5 and earlier versions
- Adobe InDesign ID18.5.4 and earlier versions
- Adobe Animate 2023 23.0.8 and earlier versions
- Adobe Animate 2024 24.0.5 and earlier versions
- Adobe After Effects 24.6.2 and earlier versions
- Adobe After Effects 25.0.1 and earlier versions
- Illustrator 2025 29.0.0 and earlier versions
- Illustrator 2024 28.7.2 and earlier versions
- Adobe Media Encoder 24.6.3 and earlier versions
- Adobe Media Encoder 25.0 and earlier versions
- Acrobat DC 24.005.20307 and earlier versions continuous
- Acrobat Reader DC 24.005.20307 and earlier versions continuous
- Acrobat 2024 24.001.30213 and earlier versions (Windows) classic 2024
- Acrobat 2024 24.001.30193 and earlier versions (MacOS) classic 2024
- Acrobat 2020 20.005.30730 and earlier versions (Windows) classic 2020
- Acrobat 2020 20.005.30710 and earlier versions (MacOS) classic 2020
- Acrobat Reader 2020 20.005.30730 and earlier versions (Windows) classic 2020
- Acrobat Reader 2020 20.005.30710 and earlier versions (MacOS) classic 2020
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.21 and earlier versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1370 | SAP Security Advisory - December 2024 Monthly Rollup. [Published Date: 2024-12-10]
[Id:2024.12.10.003]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP NetWeaver AS for JAVA (Adobe Document Services) - version ADSSSAP 7.50
- SAP NetWeaver Application Server ABAP - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89 and 7.93
Review the SAP Security Patch Day - December 2024 and apply the necessary updates. | SAP |
| 1371 | Ivanti Security Advisory. [Published Date: 2024-12-10]
[Id:2024.12.10.004]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Cloud Services Application (CSA) - version 5.0.2 and prior
- Ivanti Connect Secure (ICS) - version 22.7R2.3 and prior
- Ivanti Policy Secure (IPS) - version 22.7R1.1 and prior
- Ivanti Sentry - versions 9.20.1 and prior and 10.0.1 and prior
Review the following advisories and apply the necessary updates: | Ivanti |
| 1372 | Atlassian Security Advisory. [Published Date: 2024-12-10]
[Id:2024.12.10.005]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1373 | IBM Security Advisory. [Published Date: 2024-12-08]
[Id:2024.12.08.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM App Connect Enterprise Certified Container - multiple versions
- IBM Observability with Instana (OnPrem) - version Build 261 to 283
Review the following advisories and apply the necessary updates: | IBM |
| 1374 | Dell Security Advisory. [Published Date: 2024-12-08]
[Id:2024.12.08.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:: - APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.01.01.00
- Dell NetWorker - versions 19.10 to 19.10.0.5, versions 19.11 to 19.11.0.1, versions 19.8 to 19.8.0.4, versions 19.9 to 19.9.0.7 and versions prior to 19.8
- Dell RecoverPoint Classic - versions 5.1 sp4 p3, 5.1 sp4 p4 and versions 5.1 sp4 p2
Review the following advisories and apply the necessary updates: | Dell |
| 1375 | Microsoft Edge Security Advisory. [Published Date: 2024-12-05]
[Id:2024.12.05.001]
details...
| Microsoft |
| 1376 | Veeam Security Advisory. [Published Date: 2024-12-04]
[Id:2024.12.04.001]
details...
Veeam published security advisories to address vulnerabilities in the following products: - Veeam Backup & Replication - version 12.2.0.334 and prior
- Veeam Service Provider Console - version 8.1.0.21377 and prior
Review the following advisories and apply the necessary updates: | Veeam |
| 1377 | Drupal Security Advisory. [Published Date: 2024-12-04]
[Id:2024.12.04.002]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Drupal Download All Files - versions prior to 2.0.2
- Drupal Pages Restriction Access - versions 2.0.0 to prior to 2.0.3
- Drupal OAuth and OpenID Connect Single Sign On - SSO (OAuth/OIDC Client) - versions 3.0.0 to prior to 3.44.0 and 4.0.0 to prior to 4.0.19
- Drupal Print Anything - unsupported
- Drupal Megamenu Framework - unsupported
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1378 | Google Chrome Security Advisory. [Published Date: 2024-12-03]
[Id:2024.12.03.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 131.0.6778.108 for Linux and prior to 131.0.6778.108/.109 for Windows and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1379 | SonicWall Security Advisory. [Published Date: 2024-12-03]
[Id:2024.12.03.002]
details...
SonicWall published a security advisory to address vulnerabilities in SonicWall SMA SSL-VPN 100 Series - version 10.2.1.13-72sv and prior.
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1380 | Android security advisory - December 2024 Monthly Rollup. [Published Date: 2024-12-02]
[Id:2024.12.02.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1381 | Ubuntu Security Advisory [Published Date: 2024-12-01]
[Id:2024.12.01.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting Ubuntu 16.04 ESM.
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1382 | IBM Security Advisory. [Published Date: 2024-12-01]
[Id:2024.12.01.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Planning Analytics - versions 2.0 and 2.1
- IBM Robotic Process Automation - version 21.0.0 to 21.0.7.16, version 23.0.0 to 23.0.18
- IBM Robotic Process Automation for Cloud Pak - version 21.0.0 to 21.0.7.16, version 23.0.0 to 23.0.18
- IBM Sterling Connect:Direct Web Services - versions 6.1.0, 6.2.0 and 6.3.0
- IBM Sterling Secure Proxy - version 6.0.0.0 to 6.0.30 and version 6.1.0.0
- QRadar User Behavior Analytics - version 1.0.0 to 4.1.16
- SPSS Collaboration and Deployment Services - version 8.5
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1383 | Jenkins Security Advisory. [Published Date: 2024-11-27]
[Id:2024.11.27.001]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Jenkins weekly - version 2.486 and prior
- Jenkins LTS - version 2.479.1 and prior
- Filesystem List Parameter Plugin - version 0.0.14 and prior
- Simple Queue Plugin - version 1.4.4 and prior
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1384 | Apache Security Advisory. [Published Date: 2024-11-27]
[Id:2024.11.27.002]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Apache Struts - versions 2.0.0 to 2.3.37 (EOL)
- Apache Struts - versions 2.5.0 to 2.5.33
- Apache Struts - versions 6.0.0 to 6.3.0.2
Review the Apache security advisory and apply the necessary updates. | Apache |
| 1385 | Mozilla Security Advisory. [Published Date: 2024-11-26]
[Id:2024.11.26.001]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 133
- Thunderbird - versions prior to 128.5
- Firefox ESR - versions prior to 115.18
- Firefox ESR - versions prior to 128.5
- Firefox - versions prior to 133
Review the Mozilla Security Advisories and apply the necessary updates. | Mozilla |
| 1386 | VMware Security Advisory. [Published Date: 2024-11-26]
[Id:2024.11.26.002]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Aria Operations - versions 8.x
- VMware Cloud Foundation (VMware Aria Operations) - versions 5.x and 4.x
Review the following advisories and apply the necessary updates: | Vmware |
| 1387 | GitHub Security Advisory. [Published Date: 2024-11-26]
[Id:2024.11.26.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.4.5, 17.5.3 and 17.6.1
- GitLab Enterprise Edition (EE) - versions prior to 17.4.5, 17.5.3 and 17.6.1
Review the provided GitLab Patch Release: 17.6.1, 17.5.3, 17.4.5, and perform the suggested mitigations. | Gitlab |
| 1388 | HPE Security Advisory. [Published Date: 2024-11-25]
[Id:2024.11.25.001]
details...
HPE published a security advisory to address vulnerabilities in HPE AutoPass License Server (APLS) - versions prior to 9.17.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1389 | IBM Security Advisory. [Published Date: 2024-11-24]
[Id:2024.11.24.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Planning Analytics - versions 2.0 and 2.1
- IBM Robotic Process Automation - version 21.0.0 to 21.0.7.16, version 23.0.0 to 23.0.18
- IBM Robotic Process Automation for Cloud Pak - version 21.0.0 to 21.0.7.16, version 23.0.0 to 23.0.18
- IBM Sterling Connect:Direct Web Services - versions 6.1.0, 6.2.0 and 6.3.0
- IBM Sterling Secure Proxy - version 6.0.0.0 to 6.0.30 and version 6.1.0.0
- QRadar User Behavior Analytics - version 1.0.0 to 4.1.16
- SPSS Collaboration and Deployment Services - version 8.5
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1390 | Ubuntu Security Advisory. [Published Date: 2024-11-24]
[Id:2024.11.24.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1391 | Red Hat Security Advisory. [Published Date: 2024-11-24]
[Id:2024.11.24.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1392 | Trellix security advisory [Published Date: 2024-11-22]
[Id:2024.11.22.001]
details...
Trellix published a security advisory to address vulnerabilities in the Trellix Enterprise Security Manager (ESM) - versions prior to 11.6.13.
Review the Trellix Security Notices and apply the necessary updates. | Trellix |
| 1393 | Microsoft Edge Security Advisory. [Published Date: 2024-11-21]
[Id:2024.11.21.001]
details...
| Microsoft |
| 1394 | Drupal Security Advisory. [Published Date: 2024-11-20]
[Id:2024.11.20.001]
details...
Drupal published security advisories to address vulnerabilities in Drupal core - versions prior to 7.102.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1395 | Google Chrome Security Advisory. [Published Date: 2024-11-19]
[Id:2024.11.19.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 131.0.6778.85 for Linux and prior to 131.0.6778.85/.86 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1396 | Apple Security Advisory. [Published Date: 2024-11-19]
[Id:2024.11.19.002]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 17.7.2
- iOS iPadOS - versions prior to 18.1.1
- macOS Sequoia - versions prior to 15.1.1
- visionOS - versions prior to 2.1.1
Review the following advisories and apply the necessary updates: | Apple |
| 1397 | Atlassian Security Advisory [Published Date: 2024-11-19]
[Id:2024.11.19.003]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
- Sourcetree for Mac - multiple versions
- Sourcetree for Windows - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1398 | Palo Alto Networks Security Advisory. [Published Date: 2024-11-18]
[Id:2024.11.18.001]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following: - Palo Alto Networks PAN-OS 11.2 < 11.2.4-h1
- Palo Alto Networks PAN-OS 11.1 < 11.1.5-h1
- Palo Alto Networks PAN-OS 11.0 < 11.0.6-h1
- Palo Alto Networks PAN-OS 10.2 < 10.2.12-h2
- Palo Alto Networks PAN-OS 10.1 < 10.1.14-h6
Review the following advisories and apply the necessary updates: | Palo Alto Networks |
| 1399 | Dell Security Advisory. [Published Date: 2024-11-17]
[Id:2024.11.17.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:: - CyberSense - versions 8.0 to 8.9
- Dell Connectrix Cisco MDS 9000 Series - versions 12.0 to 12.2.1
- Dell NetWorker Server - versions 19.10 to 19.10.0.5, versions 19.11 to 19.11.0.1, versions 19.8 to 19.8.0.4, versions 19.9 to 19.9.0.7 and versions prior to 19.8
- Dell Networking OS10 - versions 10.5.6.x, 10.5.5.x, and 10.5.4.x
- Dell Power Protect Data Manager - versions prior to 19.17
- Dell PowerEdge Servers - versions prior to 2.4.4
- Dell XC Core - versions prior to 2.4.4
- PowerProtect Cyber Recovery - versions prior to 19.17.0.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1400 | IBM Security Advisory. [Published Date: 2024-11-17]
[Id:2024.11.17.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.7 and 13.0.1.0
- IBM CICS TX Advanced - versions 10.1 and 11.1
- IBM CICS TX Standard - version 11.1
- IBM Cloud Pak for AIOps - versions 4.1.0 to 4.7.0
- IBM DevOps Code ClearCase - version 11.0
- IBM Event Streams - versions 10.0.0 to 11.5.1
- IBM Integrated Analytics System - version 1.0.0 to 1.0.30.0
- IBM Rational ClearCase - versions 10.0.0 and 9.1
- IBM Sterling Secure Proxy - versions 6.0.0.0 to 6.0.3.0 and 6.1.0.0
- IBM Tivoli Network Manager IP Edition - version 4.2 GA to 4.2.0.19
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1401 | Ubuntu Security Advisory. [Published Date: 2024-11-17]
[Id:2024.11.17.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1402 | Red Hat Security Advisory. [Published Date: 2024-11-17]
[Id:2024.11.17.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1403 | HPE Security Advisory. [Published Date: 2024-11-15]
[Id:2024.11.15.001]
details...
HPE published a security advisory to address vulnerabilities HP-UX OpenSSL Software - versions prior to A.03.00.15.001.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1404 | Microsoft Edge Security Advisory. [Published Date: 2024-11-14]
[Id:2024.11.14.001]
details...
| Microsoft |
| 1405 | GitHub Security Advisory. [Published Date: 2024-11-13]
[Id:2024.11.13.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.5.2, 17.4.4 and 17.3.7
- GitLab Enterprise Edition (EE) - versions prior to 17.5.2, 17.4.4 and 17.3.7
Review the provided GitLab Patch Release: 17.5.2, 17.4.4, 17.3.7 and perform the suggested mitigations. | Gitlab |
| 1406 | Drupal Security Advisory. [Published Date: 2024-11-13]
[Id:2024.11.13.002]
details...
Drupal published security advisories to address vulnerabilities in POST File - versions prior to 1.0.2.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1407 | Intel Security Advisory. [Published Date: 2024-11-13]
[Id:2024.11.13.003]
details...
Intel published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Intel Neural Compressor software - versions prior to v3.0
- Intel Endpoint Management Assistant software - versions prior to 1.13.1.0
- Intel Computing Improvement Program software - versions prior to 2.4.10852
- Intel Atom, Celeron, Core, Pentium and XEON CPUs - multiple models
- Intel Server Board S2600ST, S2600BP, S2600BPBR, M20NTP, M10JPN2SB and M70KLP Families - all firmware versions
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 1408 | Palo Alto Networks Security Advisory. [Published Date: 2024-11-13]
[Id:2024.11.13.004]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Prisma Access Browser - versions prior to 130.59.2920.7.
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1409 | Palo Alto Networks Emphasizes Hardening Guidance. [Published Date: 2024-11-13]
[Id:2024.11.13.005]
details...
Palo Alto Networks (PAN) has released an important informational bulletin on securing management interfaces after becoming aware of claims of an unverified remote code execution vulnerability via the PAN-OS management interface.
Review PAN's instruction for accessing the organization's scan results for internet-facing management interfaces and take immediate action if required: | Palo Alto Networks |
| 1410 | Ivanti Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.001]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Endpoint Manager (EPM)
- Ivanti Avalanche
- Ivanti Connect Secure
- Ivanti Policy Secure
- Ivanti Security Access Client
Review the following advisories and apply the necessary updates: | ivanti |
| 1411 | Ubuntu Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1412 | Citrix Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.003]
details...
Citrix published security advisories to address vulnerabilities in the following products: - NetScaler ADC and NetScaler Gateway 14.1 - versions prior to 14.1-29.72
- NetScaler ADC and NetScaler Gateway 13.1 - versions prior to 13.1-55.34
- NetScaler ADC 13.1-FIPS - versions prior to 13.1-37.207
- NetScaler ADC 12.1-FIPS - versions prior to 12.1-55.321
- NetScaler ADC 12.1-NDcPP - versions prior to 12.1-55.321
Review the following advisories and apply the necessary updates: | Citrix |
| 1413 | SAP Security Advisory - November 2024 Monthly Rollup. [Published Date: 2024-11-12]
[Id:2024.11.12.004]
details...
SAP published security advisories to address vulnerabilities SAP Web Dispatcher - versions WEBDISP 7.77, 7.89, 7.93, KERNEL 7.77, 7.89, 7.93, 9.12 and 9.13.
Review the SAP Security Patch Day - November 2024 and apply the necessary updates. | SAP |
| 1414 | HPE Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.005]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Alletra 4110 - versions prior to 2.30_08-09-2024
- HPE Alletra 4120 - versions prior to 2.30_08-09-2024
- HPE Alletra 4140 - versions prior to 2.30_08-09-2024
- HPE Compute Edge Server e930t - versions prior to 2.30_08-09-2024
- HPE Cray XD665 - versions prior to 1.50 (Cray SC XD665 Firmware Pack 2024.09.00)
- HPE Cray XD670 - versions prior to 2.01
- HPE Cray EX235a Accelerator Blade - versions prior to 1.9.0 (HFP 24.9.0)
- HPE Cray EX235n Server - versions prior to 1.4.0 (HFP 24.8.1)
- HPE Cray EX254n Accelerator Blade - versions prior to 1.9.0 (HFP 24.8.1)
- HPE Cray EX255a Accelerator Blade - versions prior to 1.1.1 (HFP 24.9.0)
- HPE Cray EX420 Compute Blade - versions prior to 1.3.2 (HFP 24.8.1)
- HPE Cray EX425 Compute Blade - versions prior to 1.7.4 (HFP 24.8.1)
- HPE Cray EX4252 Compute Blade - versions prior to 1.7.0 (HFP 24.9.0)
- HPE IP Meditation - versions prior to 8.5.1
- HPE ProLiant DL110 Gen11 - versions prior to 2.30_08-09-2024
- HPE ProLiant DL320 Gen11 Server - versions prior to 2.30_08-09-2024
- HPE ProLiant DL360 Gen11 Server - versions prior to 2.30_08-09-2024
- HPE ProLiant DL380 Gen11 Server - versions prior to 2.30_08-09-2024
- HPE ProLiant DL380a Gen11 - versions prior to 2.30_08-09-2024
- HPE ProLiant DL560 Gen11 - versions prior to 2.30_08-09-2024
- HPE ProLiant ML110 Gen11 - versions prior to 2.30_08-09-2024
- HPE ProLiant ML350 Gen11 Server - versions prior to 2.30_08-09-2024
- HPE ProLiant XL645d Gen10 Plus Server - versions prior to v3.10 (HFP 24.8.1)
- HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.10 (HFP 24.8.1)
- HPE Synergy 480 Gen11 Compute Module - versions prior to 2.30_08-09-2024
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1415 | Google Chrome Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.006]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 131.0.6778.69 for Linux and prior to 131.0.6778.69/.70 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1416 | Microsoft November 2024 Security Updates. [Published Date: 2024-11-12]
[Id:2024.11.12.007]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - SQL Server
- Microsoft Virtual Hard Drive
- Windows SMBv3 Client/Server
- Windows USB Video Driver
- Microsoft Windows DNS
- Windows NTLM
- Windows Registry
- .NET and Visual Studio
- Windows Update Stack
- LightGBM
- Azure CycleCloud
- Azure Database for PostgreSQL
- Windows Telephony Service
- Windows NT OS Kernel
- Role: Windows Hyper-V
- Windows VMSwitch
- Windows DWM Core Library
- Windows Kernel
- Windows Secure Kernel Mode
- Windows Kerberos
- Windows SMB
- Windows CSC Service
- Windows Defender Application Control (WDAC)
- Windows Active Directory Certificate Services
- Microsoft Office Excel
- Microsoft Graphics Component
- Microsoft Office Word
- Windows Task Scheduler
- Microsoft Exchange Server
- Visual Studio
- Windows Win32 Kernel Subsystem
- TorchGeo
- Visual Studio Code
- Microsoft PC Manager
- Airlift.microsoft.com
Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide). | Microsoft |
| 1417 | Adobe Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.008]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe After Effects - version 24.6.2 and prior, version 23.6.9 and prior
- Adobe Audition - version 24.4.6 and prior, version 23.6.9 and prior
- Adobe Bridge - version 13.0.9 and prior, version 14.1.2 and prior
- Adobe Commerce and Magento Open Source - version 3.2.5 and prior
- Adobe InDesign - version ID19.5 and prior, version ID18.5.3 and prior and version ID18.5.2 and prior
- Adobe Substance 3D Painter - version 10.1.0 and prior
- Illustrator 2024 - version 28.7.1 and prior
- Photoshop 2023 - version 24.7.3 and prior
- Photoshop 2024 - version 25.11 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1418 | Mozilla Security Advisory. [Published Date: 2024-11-12]
[Id:2024.11.12.009]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 132.0.1
- Thunderbird - versions prior to 128.4.3
Review the following advisories and apply the necessary updates: | Mozilla |
| 1419 | Microsoft December 2024 Security Updates. [Published Date: 2024-11-12]
[Id:2024.11.12.010]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Microsoft Office
- Microsoft Edge (Chromium-based)
- Microsoft Defender for Endpoint
- Microsoft Office SharePoint
- GitHub
- Microsoft Office Word
- Microsoft Office Excel
- Windows Task Scheduler
- Windows Mobile Broadband
- Windows Kernel-Mode Drivers
- Windows Remote Desktop Services
- Windows Virtualization-Based Security (VBS) Enclave
- Microsoft Office Publisher
- Windows IP Routing Management Snapin
- Windows Wireless Wide Area Network Service
- Windows File Explorer
- Windows Kernel
- Windows Routing and Remote Access Service (RRAS)
- Windows Common Log File System Driver
- Role: DNS Server
- Windows Resilient File System (ReFS)
- Windows PrintWorkflowUserSvc
- Windows Message Queuing
- Remote Desktop Client
- WmsRepair Service
- Windows LDAP - Lightweight Directory Access Protocol
- Windows Cloud Files Mini Filter Driver
- Role: Windows Hyper-V
- Windows Local Security Authority Subsystem Service (LSASS)
- Windows Remote Desktop
- Microsoft Office Access
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1420 | IBM Security Advisory. [Published Date: 2024-11-10]
[Id:2024.11.10.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - AIX - versions 7.2 and 7.3
- IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
- IBM Cloud Transformation Advisor - versions 2.0.1 to 3.10.1
- QRadar Suite Software - versions 1.10.12.0 to 1.10.26.0
- VIOS - versions 3.1 and 4.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1421 | Red Hat Security Advisory. [Published Date: 2024-11-10]
[Id:2024.11.10.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1422 | Veeam Security Advisory. [Published Date: 2024-11-08]
[Id:2024.11.08.001]
details...
Veem has released security updates to address a vulnerability in Veeam Backup Enterprise Manager - versions prior to 12.2.0.334.
Review the Veeam Security Advisory and apply the necessary updates. | Veeam |
| 1423 | Microsoft Edge Security Advisory. [Published Date: 2024-11-07]
[Id:2024.11.07.001]
details...
| Microsoft |
| 1424 | Active Exploitation of Critical F5 BIG - IP Vulnerability (CVE-2023-46747) Uncovered in Bangladesh [Published Date: 2024-11-06]
[Id:2024.11.06.004]
details...
| BDNCIRT |
| 1425 | Cisco Security Advisory. [Published Date: 2024-11-06]
[Id:2024.11.06.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Unified Industrial Wireless Software - version 17.14 and prior
- Cisco Unified Industrial Wireless Software - version 17.15
- Cisco Nexus Dashboard Fabric Controller (NDFC) - versions 12.1.2 and 12.1.3
- Cisco Enterprise Chat and Email (ECE) - versions 12.5 and prior
- Cisco Enterprise Chat and Email (ECE) - version 12.6
- Catalyst IW9165D Heavy Duty Access Points
- Catalyst IW9165E Rugged Access Points and Wireless Clients
- Catalyst IW9167E Heavy Duty Access Point
Review the following Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1426 | Drupal Security Advisory. [Published Date: 2024-11-06]
[Id:2024.11.06.002]
details...
Drupal published security advisories to address vulnerabilities in Basic HTTP Authentication - versions prior to 7.x-1.4.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1427 | Active Exploitation of Critical F5 BIG - IP Vulnerability (CVE-2023-46747) Uncovered in Bangladesh. [Published Date: 2024-11-06]
[Id:2024.11.06.003]
details...
The Bangladesh e-Government CIRT reported an active exploitation of the F5 BIG-IP vulnerability (CVE-2023-46747) within Bangladeshi infrastructure. Attackers have used this vulnerability to gain unauthorized system access and even sold compromised access online. This critical flaw allows remote code execution, enabling attackers to fully control affected systems.
Review the provided BGD e-GOV CIRT website and apply the necessary mitigation. | BDNCIRT |
| 1428 | Google Chrome Security Advisory. [Published Date: 2024-11-05]
[Id:2024.11.05.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 30.0.6723.116 for Linux and prior to 130.0.6723.116/.117 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1429 | HPE Security Advisory. [Published Date: 2024-11-05]
[Id:2024.11.05.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Aruba Networking Access Point - version AOS-10.4.x.x - 10.4.1.4 and prior
- HPE Aruba Networking Access Point - version Instant AOS-8.12.x.x - 8.12.0.2 and prior
- HPE Aruba Networking Access Point - version Instant AOS-8.10.x.x - 8.10.0.13 and prior
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1430 | Android security advisory - November 2024 Monthly Rollup. [Published Date: 2024-11-04]
[Id:2024.11.04.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1431 | Dell Security Advisory. [Published Date: 2024-11-03]
[Id:2024.11.03.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:: - PowerStore 1000X - versions prior to 3.2.1.4-2386214
- PowerStore 3000X - versions prior to 3.2.1.4-2386214
- PowerStore 5000X - versions prior to 3.2.1.4-2386214
- PowerStore 7000X - versions prior to 3.2.1.4-2386214
- PowerStore 9000X - versions prior to 3.2.1.4-2386214
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1432 | IBM Security Advisory. [Published Date: 2024-11-03]
[Id:2024.11.03.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Business Automation Insights - version 24.0.0
- IBM Business Automation Workflow containers - multiple versions
- IBM Business Automation Workflow traditional - multiple versions
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Cloud Pak System - multiple versions
- IBM ICP - Discovery - versions 4.0.0 to 4.8.5 and 5.0.0
- IBM QRadar SIEM - version 7.5 to 7.5.0 UP10
- IBM Storage Protect Server - version 8.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1433 | Ubuntu Security Advisory. [Published Date: 2024-11-03]
[Id:2024.11.03.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1434 | Red Hat Security Advisory. [Published Date: 2024-11-03]
[Id:2024.11.03.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platform
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1435 | Microsoft Edge Security Advisory. [Published Date: 2024-10-31]
[Id:2024.10.31.001]
details...
| Microsoft |
| 1436 | Google Chrome Security Advisory. [Published Date: 2024-10-29]
[Id:2024.10.29.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 130.0.6723.91 for Linux and prior to 130.0.6723.91/.92 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1437 | Apple Security Advisory. [Published Date: 2024-10-28]
[Id:2024.10.28.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 17.7.1
- iOS and iPadOS - versions prior to 18.1
- macOS Sequoia - version prior to 15.1
- macOS Sonoma - versions prior to 14.7.1
- macOS Ventura - versions prior to 13.7.1
- tvOS - versions prior to 18.1
- visionOS - versions prior to 2.1
- watchOS - versions prior to 11.1
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1438 | HPE Security Advisory. [Published Date: 2024-10-28]
[Id:2024.10.28.002]
details...
HPE published a security advisory to address vulnerabilities in HP-UX 11i Secure Shell Software - versions prior to A.09.30.007.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1439 | Dell security advisory. [Published Date: 2024-10-27]
[Id:2024.10.27.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - DELL Data Lakehouse System Software - versions 1.0.0.0 and 1.1.0.0
- Dell EMC VxRail Appliance - versions prior to 8.0.310
- PowerFlex appliance - versions prior to 3.8.8 and versions prior to 4.6.0.1
- PowerFlex rack - versions prior to 3.8.8 and versions prior to 4.6.0.1
Review the following advisories and apply the necessary updates: | Dell |
| 1440 | IBM Security Advisory. [Published Date: 2024-10-27]
[Id:2024.10.27.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - DataPower Operations Dashboard - version 1.0.21.0
- IBM Cognos Analytics - versions 11.2.0 to 11.2.3 FP3 and 12.0.0 to 12.0.3
- IBM Cognos Analytics Mobile (Android) - version 1.1
- IBM Cognos Analytics Mobile (iOS) - version 1.1
- IBM Concert Software - version 1.0.0 to 1.0.1
- IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) - version 4.1.1 and 4.2
- IBM Storage Protect Server - version 8.1
- Server Firmware - versions FW1030.00 to FW1030.61, FW1050.00 to FW1050.21, FW1060.00 to FW1060.10, FW860.00 to FW860.B3 and FW950.00 to FW950.C0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1441 | Ubuntu Security Advisory [Published Date: 2024-10-27]
[Id:2024.10.27.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting Ubuntu 22.04 LTS.
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1442 | Red Hat Security Advisory. [Published Date: 2024-10-27]
[Id:2024.10.27.004]
details...
Ubuntu published a security notice to address vulnerabilities in the Red Hat Enterprise Linux Server - multiple versions and platform.
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1443 | HPE Security Advisory. [Published Date: 2024-10-25]
[Id:2024.10.25.001]
details...
HPE published a security advisory to address vulnerabilities in HP-UX Common Internet File System (CIFS) Client/Server Software - versions prior to B.04.18.01.00.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1444 | Microsoft Edge Security Advisory. [Published Date: 2024-10-24]
[Id:2024.10.24.001]
details...
| Microsoft |
| 1445 | Fortinet Security Advisory. [Published Date: 2024-10-23]
[Id:2024.10.23.001]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiManager 7.6 - versions prior to 7.6.1
- FortiManager 7.4 - versions prior to 7.4.5
- FortiManager 7.2 - versions prior to 7.2.8
- FortiManager 7.0 - versions prior to 7.0.13
- FortiManager 6.4 - versions prior to 6.4.15
- FortiManager 6.2 - versions prior to 6.2.13
- FortiManager Cloud 7.4 - versions prior to 7.4.5
- FortiManager Cloud 7.2 - versions prior to 7.2.8
- FortiManager Cloud0 - versions prior to 7.0.13
- FortiManager Cloud 6.4 - all versions
Review the Fortinet Advisory and apply the necessary updates. | Fortinet |
| 1446 | Cisco Security Advisory. [Published Date: 2024-10-23]
[Id:2024.10.23.002]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Adaptive Security Appliance (ASA) Software - multiple versions
- Cisco Firepower Management Center (FMC) Software - multiple versions
- Cisco Firepower Threat Defense (FTD) Software - multiple versions
- Cisco Secure Firewall Management Center (FMC) Software - multiple versions
Review the Cisco Security Advisory and apply the necessary updates. | CISCO |
| 1447 | GitHub Security Advisory. [Published Date: 2024-10-23]
[Id:2024.10.23.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.5.1, 17.4.3 and 17.3.6
- GitLab Enterprise Edition (EE) - versions prior to 17.5.1, 17.4.3 and 17.3.6
Review the provided GitLab Critical Patch Release: 17.5.1, 17.4.3, 17.3.6 and perform the suggested mitigations. | Gitlab |
| 1448 | Drupal Security Advisory. [Published Date: 2024-10-23]
[Id:2024.10.23.004]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Monster Menus 9.4.x branch - versions 9.4.0 to versions prior to 9.4.2
- Monster Menus 9.3.x branch - versions prior to 9.3.4
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1449 | Google Chrome security advisory. [Published Date: 2024-10-22]
[Id:2024.10.22.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 130.0.6723.69 for Linux and prior to 130.0.6723.69/.70 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1450 | Ubuntu Security Advisory. [Published Date: 2024-10-21]
[Id:2024.10.21.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1451 | Dell Security Advisory. [Published Date: 2024-10-21]
[Id:2024.10.21.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Policy Manager for Secure Connect Gateway - version 5.24.00.14
- Dell Secure Connect Gateway - version 5.24.00.14
- Dell Storage Monitoring and Reporting - versions prior to 5.0.2.0
- Dell Storage Resource Manager - versions prior to 5.0.2.0
Review the following advisories and apply the necessary updates: | Dell |
| 1452 | IBM security advisory. [Published Date: 2024-10-20]
[Id:2024.10.20.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Observability with Instana (OnPrem) - version Build 277 (Self-Hosted Standard Edition 1.5.0)
- IBM QRadar SIEM - version 7.5 to 7.5.0 UP9 IF03
- IBM QRadar Incident Forensics - version 7.5 to 7.5.0 UP9 IF03
- IBM Rational ClearQuest - versions 10.0 to 10.0.6 and 9.1 to 9.1.0.6
Review the following IBM Security Advisory and apply the necessary updates. | IBM |
| 1453 | HPE Security Advisory. [Published Date: 2024-10-20]
[Id:2024.10.20.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE OpenView Performance Mgt. T0684 - versions T0684V01^ABG, T0684V01^ABH, T0684V01^ABI, T0684V01^ABJ and T0684V01^ABK
- HPE Superdome Flex 280 Server - versions prior to v1.90.12
- HPE Superdome Flex Server - versions prior to v4.0.10
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1454 | HPE Security Advisory. [Published Date: 2024-10-18]
[Id:2024.10.18.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Cray EX235a Accelerator Blade - versions prior to v1.9.0 (HFP 24.9)
- HPE Cray EX235n Server - versions prior to v1.5.0 (HFP 24.9)
- HPE Cray EX255a Accelerator Blade - versions prior to v1.1.0 (HFP 24.8.1)
- HPE Cray EX425 Compute Blade - versions prior to v1.7.5 (HFP 24.9)
- HPE Cray EX4252 Compute Blade - versions prior to v1.7.0 (HFP 24.8.1)
- HPE ProLiant XL645d Gen10 Plus Server - versions prior to v3.20_08-07-2024
- HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.20_08-07-2024
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1455 | Microsoft Edge Security Advisory. [Published Date: 2024-10-17]
[Id:2024.10.17.001]
details...
| Microsoft |
| 1456 | VMware security advisory - CVE-2024-38812 and CVE-2024-38813 Update 1 [Published Date: 2024-10-17]
[Id:2024.10.17.002]
details...
VMware released a security advisory to address vulnerabilities in the following products: - vCenter Server - versions 7.0 and 8.0
- VMware Cloud Foundation - versions 5.x and 4.x
Update 1 On October 21, 2024, VMware released updated vCenter patches to resolve issues in CVE-2024-38812 that were not fully addressed by the September 17, 2024 release. Clients who installed the initial releases are advised to install these updated versions. Review the provided web links and perform the suggested mitigations. | Vmware |
| 1457 | F5 Security Advisory. [Published Date: 2024-10-16]
[Id:2024.10.16.001]
details...
F5 published security updates address vulnerabilities in BIG-IP (all modules) - versions 17.1.0 to 17.1.1, 16.1.0 to 16.1.4, and 15.1.0 to 15.1.1.0
Review the F5 Security Advisories and apply the necessary updates. | F5 |
| 1458 | Cisco Security Advisory. [Published Date: 2024-10-16]
[Id:2024.10.16.002]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco ATA 191 Analog Telephone Adapter - version 12.0.1 and prior
- Cisco ATA 191 and 192 Multiplatform Analog Telephone Adapter - version 11.2.4 and prior
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1459 | SolarWinds Security Advisory. [Published Date: 2024-10-16]
[Id:2024.10.16.003]
details...
SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Serv-U FTP - version 15.4.2 and prior
- SolarWinds Platform - version 2024.2.1 and prior
- SolarWinds Web Help Desk - versions 12.8.3 HF2 and prior
Review the following SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1460 | VMware Security Advisory. [Published Date: 2024-10-16]
[Id:2024.10.16.004]
details...
VMware released a security advisory to address multiple vulnerabilities in VMWare HCX - versions 4.8.x, 4.9.x, and 4.10.x.
Review VMware security advisory VMSA-2024-0021 and apply the necessary updates. | Vmware |
| 1461 | Google Chrome Security Advisory. [Published Date: 2024-10-15]
[Id:2024.10.15.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 130.0.6723.58 for Linux and prior to 130.0.6723.58/.59 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1462 | Oracle security advisory - October 2024. [Published Date: 2024-10-15]
[Id:2024.10.15.002]
details...
Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following: - Autonomous Health Framework, versions prior to 24.9
- GoldenGate Stream Analytics, versions 19.1.0.0.0-19.1.0.0.9
- Management Cloud Engine, version 24.1.0.0.0
- MySQL Client, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
- MySQL Cluster, versions 7.5.35 and prior, 7.6.31 and prior, 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
- MySQL Connectors, versions 9.0.0 and prior
- MySQL Enterprise Backup, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
- MySQL Enterprise Monitor, versions 8.0.39 and prior
- MySQL Server, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
- MySQL Shell, versions 8.0.38 and prior, 8.4.1 and prior, 9.0.1 and prior
- MySQL Workbench, versions 8.0.38 and prior
- Oracle Access Manager, version 12.2.1.4.0
- Oracle Agile PLM, version 9.3.6
- Oracle Application Express, versions 23.1, 23.2, 24.1
- Oracle Application Testing Suite, version 13.3.0.1
- Oracle Autovue for Agile Product Lifecycle Management, version 21.1.0
- Oracle Banking APIs, versions 19.2.0.0.0, 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0
- Oracle Banking Cash Management, versions 14.7.4.0.0, 14.7.5.0.0
- Oracle Banking Corporate Lending Process Management, versions 14.4.0.0.0, 14.5.0.0.0, 14.6.0.0.0, 14.7.0.0.0
- Oracle Banking Digital Experience, versions 19.2.0.0.0, 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0
- Oracle Banking Liquidity Management, versions 14.5.0.12.0, 14.7.0.6.0, 14.7.4.0.0, 14.7.5.0.0
- Oracle Banking Supply Chain Finance, versions 14.7.4.0.0, 14.7.5.0.0
- Oracle BI Publisher, versions 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0
- Oracle Blockchain Platform, version 21.1.2
- Oracle Business Activity Monitoring, version 12.2.1.4.0
- Oracle Business Intelligence Enterprise Edition, versions 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0
- Oracle Business Process Management Suite, version 12.2.1.4.0
- Oracle Commerce Guided Search, versions 11.3.2, 11.4.0
- Oracle Commerce Platform, versions 11.3.0, 11.3.1, 11.3.2
- Oracle Communications ASAP, version 7.4.3.0.2
- Oracle Communications Cloud Native Core Automated Test Suite, versions 23.4.3, 23.4.4, 24.1.1, 24.2.2
- Oracle Communications Cloud Native Core Binding Support Function, versions 23.4.0-23.4.5
- Oracle Communications Cloud Native Core Certificate Management, versions 23.4.2, 23.4.3, 24.2.0
- Oracle Communications Cloud Native Core Console, versions 23.4.2, 24.2.0
- Oracle Communications Cloud Native Core DBTier, versions 24.1.0, 24.2.0
- Oracle Communications Cloud Native Core Network Function Cloud Native Environment, versions 23.4.0, 24.1.0-24.2.0
- Oracle Communications Cloud Native Core Network Repository Function, versions 23.4.4, 24.2.1
- Oracle Communications Cloud Native Core Network Slice Selection Function, versions 24.2.0, 24.2.1
- Oracle Communications Cloud Native Core Policy, versions 23.4.0-23.4.6
- Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 23.4.2, 24.2.0
- Oracle Communications Cloud Native Core Service Communication Proxy, versions 23.4.0, 24.1.0, 24.2.0
- Oracle Communications Cloud Native Core Unified Data Repository, version 24.2.0
- Oracle Communications Convergent Charging Controller, versions 6.0.1.0.0, 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0
- Oracle Communications Core Session Manager, version 9.1.5
- Oracle Communications EAGLE Application Processor, version 17.0.1
- Oracle Communications IP Service Activator, versions 7.4.0, 7.5.0
- Oracle Communications LSMS, version 14.0.0.1
- Oracle Communications Messaging Server, version 8.1
- Oracle Communications Network Analytics Data Director, versions 23.4.0, 24.1.0, 24.2.0
- Oracle Communications Network Charging and Control, versions 6.0.1.0.0, 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0
- Oracle Communications Operations Monitor, versions 5.1, 5.2
- Oracle Communications Order and Service Management, versions 7.4.0, 7.4.1, 7.5.0
- Oracle Communications Performance Intelligence Center, versions prior to 10.4.0.4
- Oracle Communications Policy Management, versions 12.6.1.0.0, 15.0.0.0.0
- Oracle Communications Session Border Controller, versions 9.1.0, 9.2.0, 9.3.0
- Oracle Communications Unified Assurance, versions 5.5.0-5.5.22, 6.0.0-6.0.5
- Oracle Communications User Data Repository, versions 12.11.0, 14.0
- Oracle Data Integrator, version 12.2.1.4.0
- Oracle Database Server, versions 19.3-19.24, 21.3-21.15, 23.4-23.5
- Oracle E-Business Suite, versions 12.2.3-12.2.14, [ECC] 11-13
- Oracle Enterprise Communications Broker, versions 4.1.0, 4.2.0
- Oracle Enterprise Data Quality, version 12.2.1.4.0
- Oracle Enterprise Manager Base Platform, versions 12.2.1.4.0, 13.5.0.0
- Oracle Enterprise Manager for Fusion Middleware, version 12.2.1.4.0
- Oracle Enterprise Manager for Peoplesoft, version 13.5.1.1.0
- Oracle Enterprise Manager Fusion Middleware Control, version 12.2.1.4.0
- Oracle Enterprise Operations Monitor, versions 5.1, 5.2
- Oracle Essbase, version 21.6
- Oracle Financial Services Compliance Studio, versions 8.1.2.7, 8.1.2.8
- Oracle Financial Services Revenue Management and Billing, versions 3.0.0.0.0, 4.0.0.0.0, 5.0.0.0.0
- Oracle Global Lifecycle Management FMW Installer, version 12.2.1.4.0
- Oracle GoldenGate Big Data and Application Adapters, versions 19.1.0.0.0-19.1.0.0.9
- Oracle GraalVM Enterprise Edition, versions 20.3.15, 21.3.11
- Oracle GraalVM for JDK, versions 17.0.12, 21.0.4, 23
- Oracle Graph Server and Client, versions 23.4.3, 24.3.0
- Oracle Hospitality Cruise Shipboard Property Management System, version 23.1.3
- Oracle Hospitality OPERA 5, versions 5.6.19.19, 5.6.25.8, 5.6.26.4
- Oracle Hospitality Simphony, versions 19.1.0-19.6.2
- Oracle HTTP Server, versions 12.2.1.4.0, 14.1.1.0.0
- Oracle Hyperion BI+, version 11.2.18.0.0
- Oracle Hyperion Financial Management, version 11.2.18.0.0
- Oracle Hyperion Infrastructure Technology, version 11.2.18.0.0
- Oracle Identity Manager Connector, versions 11.1.1.5.0, 12.2.1.3.0
- Oracle Java SE, versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23
- Oracle Managed File Transfer, version 12.2.1.4.0
- Oracle Middleware Common Libraries and Tools, version 12.2.1.4.0
- Oracle NoSQL Database, versions 1.5.0, 20.3.40, 21.2.71, 22.3.45, 23.3.33, 24.1.17
- Oracle Outside In Technology, version 8.5.7
- Oracle Retail Customer Management and Segmentation Foundation, version 19.0.0.10
- Oracle Retail EFTLink, versions 20.0.1, 21.0.0, 22.0.0, 23.0.0
- Oracle SD-WAN Aware, version 9.0.1.10.0
- Oracle SD-WAN Edge, versions 9.1.1.3.0, 9.1.1.5.0-9.1.1.8.0, 9.1.1.9.0
- Oracle Secure Backup, versions 18.1.0.1.0, 18.1.0.2.0, 19.1.0.0.0
- Oracle Service Bus, version 12.2.1.4.0
- Oracle Solaris Cluster, version 4
- Oracle SQL Developer, versions 23.1.0, 24.3.0
- Oracle Utilities Application Framework, versions 4.0.0.0.0, 4.0.0.2.0, 4.0.0.3.0, 4.3.0.3.0-4.3.0.6.0, 4.5.0.0.0
- Oracle Utilities Network Management System, versions 2.3.0.2.34, 2.4.0.1.25, 2.5.0.1.14, 2.5.0.2.8, 2.6.0.1.5
- Oracle VM VirtualBox, versions prior to 7.0.22, prior to 7.1.2
- Oracle WebCenter Forms Recognition, version 14.1.1.0.0
- Oracle WebCenter Portal, version 12.2.1.4.0
- Oracle WebCenter Sites, version 12.2.1.4.0
- Oracle WebLogic Server, versions 12.2.1.4.0, 14.1.1.0.0
- PeopleSoft Enterprise CC Common Application Objects, version 9.2
- PeopleSoft Enterprise ELM Enterprise Learning Management, version 9.2
- PeopleSoft Enterprise FIN Expenses, version 9.2
- PeopleSoft Enterprise HCM Global Payroll Core, versions 9.2.48-9.2.50
- PeopleSoft Enterprise PeopleTools, versions 8.59, 8.60, 8.61
- Siebel Applications, versions 24.7 and prior
Review Oracle Critical Patch Update Advisory - October 2024 and apply the necessary updates. | Oracle |
| 1463 | Atlassian Security Advisory. [Published Date: 2024-10-15]
[Id:2024.10.15.003]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1464 | Mozilla Security Advisory. [Published Date: 2024-10-14]
[Id:2024.10.14.001]
details...
Mozilla published security advisories to address vulnerabilities Firefox - versions prior to 131.0.3.
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1465 | Dell Security Advisory. [Published Date: 2024-10-13]
[Id:2024.10.13.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - GeoDrive for Windows - versions prior to 2.3.3
- NetWorker - versions 19.10 to 19.10.0.4, versions 19.11 to 19.11.0.1, versions 19.8 to 19.8.0.4, versions 19.9 to 19.9.0.7 and versions prior to 19.8
Review the following advisories and apply the necessary updates: | Dell |
| 1466 | IBM Security Advisory. [Published Date: 2024-10-13]
[Id:2024.10.13.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Cloud Pak for AIOps - version 4.1.0 to 4.6.1
- IBM Engineering Systems Design Rhapsody - Model Manager - versions 7.0.2 and 7.0.3
- IBM Maximo Application Suite - AI Broker - versions 9.0.1
- IBM Maximo Application Suite - IoT Component - versions 8.7, 8.8 and 9.0
- IBM Security Verify Governance, Identity Manager software component - version ISVG 10.0.2
- IBM Security Verify Governance, Identity Manager virtual appliance component - version ISVG 10.0.2
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1467 | Ubuntu Security Advisory. [Published Date: 2024-10-13]
[Id:2024.10.13.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 22.04 LTS
Review the following Ubuntu Security Advisory and apply the necessary updates. | Ubuntu |
| 1468 | GitHub Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.001]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.4.2, 17.3.5 and 17.2.9
- GitLab Enterprise Edition (EE) - versions prior to 17.4.2, 17.3.5 and 17.2.9
Review the provided GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9 and perform the suggested mitigations. | Gitlab |
| 1469 | SonicWall Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.002]
details...
SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - SonicWall SMA1000 Connect Tunnel Windows (32 and 64-bit) Client - version 12.4.3.271 and prior
- SonicWall SMA1000 Appliance firmware - version 12.4.3-02676 and prior
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1470 | Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies. [Published Date: 2024-10-10]
[Id:2024.10.10.003]
details...
Cyber threat actors leverage unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet-facing devices on the network. F5 BIG-IP is a suite of hardware and software solutions designed to manage and secure network traffic. A malicious cyber actor could leverage the information gathered from unencrypted persistence cookies to infer or identify additional network resources and potentially exploit vulnerabilities found in other devices present on the network.
Review the following article for details on how to configure the BIG-IP LTM system to encrypt HTTP cookies. | F5 |
| 1471 | Mozilla Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.004]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 115.16
- Thunderbird - versions prior to 128.3.1
- Thunderbird - versions prior to 131.0.1
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1472 | Microsoft Edge Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.005]
details...
| Microsoft |
| 1473 | GitHub Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.006]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitHub Enterprise Server - versions 3.14.x prior to 3.14.2
- GitHub Enterprise Server - versions 3.13.x prior to 3.13.5
- GitHub Enterprise Server - versions 3.12.x prior to 3.12.10
- GitHub Enterprise Server - versions 3.11.x prior to 3.11.16
Review the following advisories and apply the necessary updates: | Github |
| 1474 | Mozilla Security Advisory. [Published Date: 2024-10-10]
[Id:2024.10.10.007]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 132
- Thunderbird - versions prior to 128.4
- Firefox ESR - versions prior to 115.17
- Firefox ESR - versions prior to 128.4
- Firefox - versions prior to 132
Review the Mozilla Security Advisories and apply the necessary updates. | Mozilla |
| 1475 | Mozilla Security Advisory. [Published Date: 2024-10-09]
[Id:2024.10.09.001]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox - versions prior to 131.0.2
- Firefox ESR - versions prior to 115.16.1
- Firefox ESR - versions prior to 128.3.1
Review the Mozilla security bulletins and apply the necessary updates. | Mozilla |
| 1476 | Palo Alto Networks Security Advisory. [Published Date: 2024-10-09]
[Id:2024.10.09.002]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Palo Alto Networks Expedition - versions prior to 1.2.96
- Palo Alto Prisma Access Browser - versions prior to 129.59.2896.5
- Palo Alto Networks PAN-OS - multiple versions
Review the following advisories and apply necessary updates: | Palo Alto Networks |
| 1477 | Juniper Networks Security Advisory. [Published Date: 2024-10-09]
[Id:2024.10.09.003]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - Juniper Session Smart Conductor - multiple versions
- Juniper Session Smart Router - multiple versions
- Juniper WAN Assurance Router - multiple versions
Review the Juniper Networks Security Advisories and apply the necessary updates. | Juniper |
| 1478 | Mitel Security Advisory. [Published Date: 2024-10-09]
[Id:2024.10.09.004]
details...
Mitel published security advisories to address vulnerabilities in MiCollab - versions 9.8 SP1 FP2 (9.8.1.201) and prior
Review the following advisories and apply the necessary updates: | Mitel |
| 1479 | Ivanti Security Advisory. [Published Date: 2024-10-08]
[Id:2024.10.08.003]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Connect Secure - versions prior to 22.7R2.1
- Ivanti Policy Secure - versions prior to 22.7R1.1
- Ivanti Avalanche - versions 6.4.2.313 and prior
- Ivanti EPMM (Core) - versions 12.1.0.3 and prior
- Ivanti CSA (Cloud Services Appliance) - versions 5.0.1 and prior
Review the following advisories and apply the necessary updates: | Ivanti |
| 1480 | Adobe Security Advisory. [Published Date: 2024-10-08]
[Id:2024.10.08.004]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe Animate 2023 - versions 23.0.7 and prior (Windows and MacOS)
- Adobe Animate 2024 - versions 24.0.4 and prior (Windows and MacOS)
- Acrobat Commerce - multiple versions
- Acrobat Commerce B2B - multiple versions
- Acrobat Dimension - version 4.0.3 and prior (Windows and MacOS)
- Adobe InCopy - versions 18.5.3 and prior (Windows and MacOS), versions 19.4 and prior (Windows and MacOS)
- Adobe InDesign - versions ID18.5.3 and prior (Windows and MacOS), versions ID19.4 and prior (Windows and MacOS)
- Adobe FrameMaker - versions 2020 Release Update 6 and prior (Windows), versions 2022 Release Update 4 and prior (Windows)
- Adobe Lightroom - versions 7.4.1 and prior
- Adobe Lightroom Classic - versions 13.5 and prior
- Adobe Lightroom Classic (LTS) - versions 12.5.1 and prior
- Adobe Substance 3D Stager - versions 3.0.3 and prior (Windows and MacOS)
- Magento Open Source - multiple versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1481 | Microsoft October 2024 Security Updates. [Published Date: 2024-10-08]
[Id:2024.10.08.005]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - .NET 6.0
- .NET 8.0
- Azure CLI
- Azure Monitor Agent
- Azure Service Connector
- Azure Service Fabric
- Azure Stack HCI 22H2
- Azure Stack HCI 23H2
- DeepSpeed
- Microsoft .NET Framework - multiple versions
- Microsoft .NET Framework
- Microsoft 365 Apps for Enterprise
- Microsoft Configuration Manager - multiple versions
- Microsoft Defender
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC
- Microsoft Outlook for Android
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server
- Microsoft Visual Studio 2015
- Microsoft Visual Studio 2017
- Microsoft Visual Studio 2019
- Microsoft Visual Studio 2022 - multiple versions
- Power BI Report Server
- Remote Desktop client for Windows Desktop
- Visual C++ Redistributable Installer
- Visual Studio Code
- Windows 10 - multiple versions
- Windows 11 - multiple versions
- Windows Server 2008 - multiple versions
- Windows Server 2012 - multiple versions
- Windows Server 2016 - multiple versions
- Windows Server 2019 - multiple versions
- Windows Server 2022 - multiple versions
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1482 | Google Chrome Security Advisory. [Published Date: 2024-10-08]
[Id:2024.10.08.006]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 129.0.6668.100 for Linux and prior to 129.0.6668.100/.101 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1483 | Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages [Published Date: 2024-10-08]
[Id:2024.10.08.007]
details...
The Bangladesh e-Government Computer Incident Response Team (BGD e-GOV CIRT) has reported a new campaign involving Lumma C2 stealer malware. This malware is distributed through deceptive CAPTCHA pages, tricking users into thinking they are passing a legitimate verification. Once engaged, the malware can steal sensitive data.
Review the provided BGD e-GOV CIRT website and apply the necessary mitigation. | BDNCIRT |
| 1484 | SAP security advisory - October 2024 monthly rollup. [Published Date: 2024-10-08]
[Id:2024.10.08.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP Enterprise Project Connection - version 3.0
- SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 and 2025
Review the SAP Security Patch Day - October 2024 and apply the necessary updates. | SAP |
| 1485 | Qualcomm Security Advisory. [Published Date: 2024-10-08]
[Id:2024.10.08.002]
details...
Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.
Review the Qualcomm Security Bulletin and apply the necessary updates. | Qualcomm |
| 1486 | Dell (VMware)security advisory. [Published Date: 2024-10-06]
[Id:2024.10.06.001]
details...
Dell (VMware) released a security advisory to address vulnerabilities in the following products: - VMware vCenter Server 7.0 - vcenter server versions prior to 7.0u3s
- VMware vCenter Server 8.0 - vcenter server versions prior to 8.0ub
Review the Dell (VMware) security advisory and apply the necessary updates. | Dell |
| 1487 | IBM security advisory. [Published Date: 2024-10-06]
[Id:2024.10.06.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Business Automation Manager Open Editions - versions 9.0.0, 9.0.1 and 9.1.0
- IBM Observability with Instana (OnPrem) - versions Build 275 to 279
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.4
- IBM Db2® on Cloud Pak for Data - multiple versions
- IBM Db2® Warehouse on Cloud Pak for Data - multiple versions
Review the following IBM Security Advisory and apply the necessary updates. | IBM |
| 1488 | Ubuntu Security Advisory. [Published Date: 2024-10-06]
[Id:2024.10.06.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the following Ubuntu Security Advisory and apply the necessary updates. | Ubuntu |
| 1489 | Red Hat Security Advisory. [Published Date: 2024-10-06]
[Id:2024.10.06.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platform
Review the following Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1490 | Android security advisory - October 2024 Monthly Rollup. [Published Date: 2024-10-06]
[Id:2024.10.06.005]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1491 | Apple Security Advisory. [Published Date: 2024-10-03]
[Id:2024.10.03.001]
details...
Apple published security advisories to address vulnerabilities in iOS and iPadOS - versions prior to 18.0.1.
Review the provided Apple Security Advisory and apply the necessary updates. | Apple |
| 1492 | Microsoft Edge Security Advisory. [Published Date: 2024-10-03]
[Id:2024.10.03.002]
details...
| Microsoft |
| 1493 | Jenkins Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.006]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Authorize Project Plugin - version 1.7.2 and prior
- IvyTrigger Plugin - version 1.01 and prior
- OpenId Connect Authentication Plugin - version 4.418.vccc7061f5b_6d and prior
- Pipeline: Declarative Plugin - version 2.2214.vb_b_34b_2ea_9b_83 and prior
- Pipeline: Groovy Plugin - version 3990.vd281dd77a_388 and prior
- Script Security Plugin - version 1367.vdf2fc45f229c and prior
- Shared Library Version Override Plugin - version 17.v786074c9fce7 and prior
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1494 | HPE Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE BackBox Software - multiple versions
- HPE Nonstop QORESTOR Software T1137 - version T1137V01 and versions T1137V01^AAA to AAD
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1495 | Jenkins Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.002]
details...
Jenkins published a security advisory to address vulnerabilities in the following products: - Jenkins weekly - version 2.478 and prior
- Jenkins LTS - version 2.462.2 and prior
- Credentials Plugin - version 1380.va_435002fa_924 and prior
- OpenId Connect Authentication Plugin - version 4.354.v321ce67a_1de8 and prior
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1496 | Cisco Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.003]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Meraki MX Firmware Release - version 16.2 and later, version 17.0 and later, version 18.0 and later
- Cisco NDFC - version 12.0
- Cisco RV340 Dual WAN Gigabit VPN Routers
- Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Routers
- Cisco RV345 Dual WAN Gigabit VPN Routers
- Cisco RV345P Dual WAN Gigabit PoE VPN Routers
Review the following Cisco Security Advisory and apply the necessary updates. | CISCO |
| 1497 | Zimbra Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.004]
details...
Zimbra published a security advisory to address vulnerabilities in the following products: - Zimbra Collaboration versions prior to 9.0.0 Patch 41
- Zimbra Collaboration versions prior to 10.0.9
- Zimbra Collaboration versions prior to 10.1.1
- Zimbra Collaboration versions prior to 8.8.15 Patch 46
Review the Zimbra security advisory and apply the necessary updates. | Zimbra |
| 1498 | Drupal Security Advisory. [Published Date: 2024-10-02]
[Id:2024.10.02.005]
details...
Drupal published security advisories to address vulnerabilities in Two-factor Authentication (TFA) module - versions prior to 1.8.0.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1499 | OpenPrinting CUPS Security Advisory. [Published Date: 2024-10-01]
[Id:2024.10.01.001]
details...
OpenPrinting published a security update to address vulnerabilities in Common UNIX Printing Systems (CUPS) - version 2.1b1 and prior, version 2.0.1 and prior.
Review the following advisories and apply the necessary updates: | Github |
| 1500 | Mozilla Security Advisory. [Published Date: 2024-10-01]
[Id:2024.10.01.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Thunderbird - versions prior to 131
- Thunderbird - versions prior to 128.3
- Firefox ESR - versions prior to 115.16
- Firefox ESR - versions prior to 128.3
- Firefox - versions prior to 131
Review the following advisories and apply the necessary updates: | Mozilla |
| 1501 | Google Chrome Security Advisory. [Published Date: 2024-10-01]
[Id:2024.10.01.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 129.0.6668.89 for Linux and prior to 29.0.6668.89/.90 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1502 | Dell Security Advisory. [Published Date: 2024-09-29]
[Id:2024.09.29.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.16.9
- APEX Cloud Platform Foundation Software - versions prior to 03.02.00.00
- Connectrix - multiple versions and models
- Dell EMC VxRail Appliance - 7.0.x versions prior to 7.0.531
- Dell Networking OS10 - 10.5.3.x, 10.5.4.x, 10.5.5.x and 10.5.6.x
- Dell PowerMax - multiple versions and models
- PowerMaxOS - multiple versions and models
- Unisphere - multiple versions and models
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1503 | IBM Security Advisory. [Published Date: 2024-09-29]
[Id:2024.09.29.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Cloud Pak for Data - versions 4.0.0 to 4.8.5, 5.0.0 and 5.0.1
- IBM CP4MCM - version 2.3 to 2.3 FP8
- IBM Storage Protect Plus - versions 10.1.0 to 10.1.16.2
- IBM watsonx.data - versions 1.0.0 to 2.0.0
- IBM watsonx.data - versions 1.1.0 to 2.0.2
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1504 | Ubuntu Security Advisory. [Published Date: 2024-09-29]
[Id:2024.09.29.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1505 | Red Hat Security Advisory. [Published Date: 2024-09-29]
[Id:2024.09.29.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1506 | PHP Security Advisory. [Published Date: 2024-09-27]
[Id:2024.09.27.001]
details...
PHP published a security advisory to address vulnerabilities in the following products: - PHP 8.1 versions prior to 8.1.30
- PHP 8.2 versions prior to 8.2.24
- PHP 8.3 versions prior to 8.3.12
Review the PHP security advisory and apply the necessary updates. | PHP |
| 1507 | HPE Security Advisory. [Published Date: 2024-09-27]
[Id:2024.09.27.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Superdome Flex 280 Server - versions prior to v1.90.12
- HPE Superdome Flex Server - versions prior to v4.0.10
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1508 | Foxit Security Advisory. [Published Date: 2024-09-26]
[Id:2024.09.26.003]
details...
Foxit published security advisories to address vulnerabilities in the following products: - Foxit PDF Editor for Windows - version 11.2.10.53951 and prior
- Foxit PDF Editor for Mac - version 11.1.9.0524 and prior, version 12.1.5.55449 and prior 12.x
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 1509 | Foxit Security Advisory. [Published Date: 2024-09-26]
[Id:2024.09.26.001]
details...
Foxit published security advisories to address vulnerabilities in the following products: - Foxit PDF Editor for Windows - multiple versions
- Foxit PDF Reader for Windows - multiple versions
- Foxit PDF Reader for Mac - version 2024.2.2.64388 and prior
- Foxit PDF Editor for Mac - multiple versions
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 1510 | Microsoft Edge Security Advisory. [Published Date: 2024-09-26]
[Id:2024.09.26.002]
details...
| Microsoft |
| 1511 | Cisco Security Advisory. [Published Date: 2024-09-25]
[Id:2024.09.25.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco 1000 Series Integrated Services Routers (ISRs)
- Cisco ASR 1000 Series Aggregation Service Routers
- Cisco Catalyst 8000v Edge Software
- Cisco Catalyst 8200 Series Edge Platforms
- Cisco Catalyst 8300 Series Edge Platforms
- Cisco Catalyst 8500L Edge Platforms
- Cisco Catalyst IR8300 Rugged Series Routers
- Cisco Catalyst Center
- Cisco cBR-8 Converged Broadband Routers
- Cisco Crosswork NSO
- Cisco IOS XE Software - multiple versions
- Cisco IOS Software - multiple versions
- Cisco Optical Site Manager
- Cisco RV340 Dual WAN Gigabit VPN Routers
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1512 | HPE Security Advisory. [Published Date: 2024-09-25]
[Id:2024.09.25.002]
details...
HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Access Points running Instant AOS-8 and AOS-10 - multiple versions.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1513 | GitLab Security Advisory. [Published Date: 2024-09-25]
[Id:2024.09.25.003]
details...
GitLab published a security advisory to address vulnerabilities in the following products: - GitLab Community Edition (CE) - versions prior to 4.1, 17.3.4, 17.2.8, 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8 and 16.0.10
- GitLab Enterprise Edition (EE) - versions prior to 17.4.1, 17.3.4, 17.2.8, 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8 and 16.0.10
Review the following advisories and apply the necessary updates: - GitLab Critical Patch Release: 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8, 16.0.10
- GitLab Patch Release: 17.4.1, 17.3.4, 17.2.8
- GitLab Releases
| Gitlab |
| 1514 | Dell Security Advisory. [Published Date: 2024-09-22]
[Id:2024.09.22.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - PowerPath Managment Appliance - versions prior to 3.4 sp2 p02 and versions prior to 4.0 p02
- Dell PowerStore - multiple versions and models
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1515 | Red Hat Security Advisory. [Published Date: 2024-09-22]
[Id:2024.09.22.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1516 | Ubuntu Security Advisory. [Published Date: 2024-09-22]
[Id:2024.09.22.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1517 | IBM Security Advisory. [Published Date: 2024-09-22]
[Id:2024.09.22.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM watsonx.data - versions 1.0.0 to 1.1.3, 1.0.0 to 1.1.4, 1.0.0 to 2.0.0, 1.1.0, 1.1.0 to 1.1.4, 1.1.3 and 2.0.0
- Watsonx.data - versions 1.0.0 to 2.0.0, 1.0.0 to 2.0.1 and 1.1.0 to 2.0.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1518 | Microsoft Edge Security Advisory. [Published Date: 2024-09-19]
[Id:2024.09.19.001]
details...
| Microsoft |
| 1519 | Atlassian Security Advisory. [Published Date: 2024-09-18]
[Id:2024.09.18.001]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Bitbucket Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1520 | HPE Security Advisory. [Published Date: 2024-09-18]
[Id:2024.09.18.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Aruba Networking AOS - multiple versions
- HPE Aruba Networking SD-WAN - multiple versions
- HPE StoreEasy 1660 Storage - versions prior to v2.20_08-07-2024 or prior to v3.30_07-31-2024
- HPE StoreEasy 1860 Storage - versions prior to v2.20_08-07-2024 or prior to v3.30_07-31-2024
- HPE StoreEasy 1670 Expanded Storage - versions prior to v2.20_08-07-2024
- HPE StoreEasy 1860 Expanded Storage - versions prior to v2.20_08-07-2024
- HPE StoreEasy 1870 Expanded Storage - versions prior to v2.20_08-07-2024
- HPE StoreEasy 1460 Storage - versions prior to v3.30_07-31-2024
- HPE StoreEasy 1560 Storage - versions prior to v3.30_07-31-2024
- HPE StoreEasy 1660 Expanded Storage - versions prior to v3.30_07-31-2024
- HPE StoreEasy 1660 Performance Storage - versions prior to v3.30_07-31-2024
- HPE StoreEasy 1860 Performance Storage - versions prior to v3.30_07-31-2024
- HPE Storage File Controller - versions prior to v3.30_07-31-2024
- HPE Storage Performance File Controller - versions prior to v3.30_07-31-2024
- HPE StoreEasy 1450 Storage - versions prior to v3.40_08-29-2024
- HPE StoreEasy 1550 Storage - versions prior to v3.40_08-29-2024
- HPE StoreEasy 1650 Storage - versions prior to v3.40_08-29-2024
- HPE StoreEasy 1850 Storage - versions prior to v3.40_08-29-2024
- HPE StoreEasy 1650 Expanded Storage - versions prior to v3.40_08-29-2024
- HPE StoreEasy 3850 Gateway Storage - versions prior to v3.30_07-31-2024
- HPE 3PAR StoreServ File Controller v3 System - versions prior to v3.30_07-31-2024
Review the following advisories and apply the necessary updates: | HPE |
| 1521 | VMware Security Advisory. [Published Date: 2024-09-17]
[Id:2024.09.17.001]
details...
VMware released a security advisory to address vulnerabilities in the following products: - vCenter Server - versions 7.0 and 8.0
- VMware Cloud Foundation - versions 5.x and 4.x
Review VMware security advisory and apply the necessary updates. | Vmware |
| 1522 | GitHub Security Advisory. [Published Date: 2024-09-17]
[Id:2024.09.17.002]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 3.3, 17.2.7, 17.1.8, 17.0.8 and 16.11.10
- GitLab Enterprise Edition (EE) - versions prior to 17.3.3, 17.2.7, 17.1.8, 17.0.8 and 16.11.10
Review the provided GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10 and perform the suggested mitigations. | Gitlab |
| 1523 | Google Chrome Security Advisory. [Published Date: 2024-09-17]
[Id:2024.09.17.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 129.0.6668.58 for Linux and prior to 129.0.6668.58/.59 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1524 | Google Chrome Security Advisory. [Published Date: 2024-09-17]
[Id:2024.09.17.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 129.0.6668.70 for Linux and prior to 129.0.6668.70/.71 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1525 | Apple Security Advisory. [Published Date: 2024-09-16]
[Id:2024.09.16.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 18
- macOS Sequoia - versions prior to 15
- tvOS - versions prior to 18
- watchOS - versions prior to 11
- visionOS - versions prior to 2
- Safari - versions prior to 18
- iOS and iPadOS - versions prior to 17.7
- macOS Sonoma - versions prior to 14.7
- macOS Sonoma - versions prior to 14.5
- macOS Ventura - Versions prior to 13.7
Review the following advisories and apply the necessary updates: | Apple |
| 1526 | HPE Security Advisory. [Published Date: 2024-09-16]
[Id:2024.09.16.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE ProLiant DL110 Gen10 Plus Telco server - versions prior to v2.20_08-07-2024
- HPE ProLiant DL360 Gen10 Plus server - versions prior to v2.20_08-07-2024
- HPE ProLiant DL380 Gen10 Plus server - versions prior to v2.20_08-07-2024
- HPE Synergy 480 Gen10 Plus Compute Module - versions prior to v2.20_08-07-2024
- HPE Apollo 4200 Gen10 Plus System - versions prior to v2.20_08-07-2024
- HPE ProLiant XL190r Gen9 Server - versions prior to v3.32_08-29-2024
- HPE ProLiant XL170r Gen9 Server - versions prior to v3.32_08-29-2024
- HPE ProLiant DL60 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL80 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL120 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL160 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL180 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL360 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL380 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL560 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant DL580 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant ML110 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant ML150 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE ProLiant ML350 Gen9 Server - versions prior to v3.40_08-29-2024
- HPE Synergy 480 Gen9 Compute Module - versions prior to v3.40_08-29-2024
- HPE Synergy 620 Gen9 Compute Module - versions prior to v3.40_08-29-2024
- HPE Synergy 660 Gen9 Compute Module - versions prior to v3.40_08-29-2024
- HPE Synergy 680 Gen9 Compute Module - versions prior to v3.40_08-29-2024
- HPE Edgeline e920 Server Blade - versions prior to v2.20_08-07-2024
- HPE Edgeline e920d Server Blade - versions prior to v2.20_08-07-2024
- HPE Edgeline e920t Server Blade - versions prior to v2.20_08-07-2024
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1527 | Ubuntu Security Advisory. [Published Date: 2024-09-15]
[Id:2024.09.15.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1528 | Dell Security Advisory. [Published Date: 2024-09-15]
[Id:2024.09.15.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cyber Sense - versions prior to 1.5.0-47
- Dell Avamar Data Store Switch S4128F - version 10.5.4.1
- Dell Data Protection Central DPC-OSupdate - versions prior to 1.1.19-1
- PowerProtect DP Series (Integrated Data Protection Appliance) DPC-OSupdate - versions prior to 1.1.19-1
- PowerScale InsightIQ - versions 5.0 to 5.1
- ThinOS - cisco_jabber_14.3.0.308378.11 and liquidware_stratusphere_ux_connector_id_agent_6.7.0.2.2
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1529 | Microsoft Edge Security Advisory. [Published Date: 2024-09-12]
[Id:2024.09.12.001]
details...
| Microsoft |
| 1530 | SolarWinds Security Advisory. [Published Date: 2024-09-12]
[Id:2024.09.12.002]
details...
SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Access Rights Manager (ARM) - version 2024.3 and prior.
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1531 | Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh. [Published Date: 2024-09-12]
[Id:2024.09.12.003]
details...
| BDNCIRT |
| 1532 | Palo Alto Networks Security Advisory. [Published Date: 2024-09-11]
[Id:2024.09.11.001]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - PAN-OS - versions prior to 11.2.3
- Prisma Access Browser - version 128.91.2869.7 and prior
Review the following advisories and apply necessary updates: | Palo Alto Networks |
| 1533 | Intel Security Advisory. [Published Date: 2024-09-11]
[Id:2024.09.11.002]
details...
Intel published security advisories to address vulnerabilities in UEFI Firmware.
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 1534 | Cisco Security Advisory. [Published Date: 2024-09-11]
[Id:2024.09.11.003]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Crosswork NSO - multiple versions
- Cisco Optical Site Manager - versions prior to 24.3.1
- Cisco RV340 Dual WAN Gigabit VPN Routers - all versions
- Cisco ConfD - multiple versions
- Cisco IOS XR Software - versions 7.7.1 to 7.11.2, 24.1.1 and later
- Cisco IOS XR 64-Bit Software - multiple versions
- Cisco Routed Passive Optical Network (PON) Controller Software - multiple products and models
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1535 | GitHub Security Advisory. [Published Date: 2024-09-11]
[Id:2024.09.11.004]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.3.2, 17.2.5, and 17.1.7
- GitLab Enterprise Edition (EE) - versions prior to 17.3.2, 17.2.5, and 17.1.7
Review the provided GitLab Critical Patch Release: 17.3.2, 17.2.4 and 17.1.7 and perform the suggested mitigations. | Gitlab |
| 1536 | SAP Security Advisory - September 2024 Monthly Rollup. [Published Date: 2024-09-10]
[Id:2024.09.10.001]
details...
SAP published security advisories to address vulnerabilities SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 440.
Review the SAP Security Patch Day - September 2024 and apply the necessary updates. | SAP |
| 1537 | Ivanti Security Advisory. [Published Date: 2024-09-10]
[Id:2024.09.10.002]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti IWC - versions 10.18.0.0 and prior
- Ivanti Cloud Services Appliance (CSA) - version CSA 4.6 (versions prior to Patch 519)
- Ivanti Endpoint Manager - version 2024 and versions 2022 SU5 and prior
Review the following advisories and apply the necessary updates: | Ivanti |
| 1538 | Microsoft September 2024 Security Updates. [Published Date: 2024-09-10]
[Id:2024.09.10.003]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Azure Connected Machine Agent
- Azure CycleCloud - multiple versions and platforms
- Azure Health Bot
- Azure Network Watcher VM Extension for Windows
- Azure Stack Hub
- Azure Web Apps
- Microsoft 365 Apps for Enterprise - multiple platforms
- Microsoft AutoUpdate for Mac
- Microsoft Dynamics 365 (on-premises) - version 9.1
- Microsoft Dynamics 365 Business Central 2023 Release Wave 1
- Microsoft Excel 2016
- Microsoft Office - multiple versions and platforms
- Microsoft Outlook 2016 - multiple platforms
- Microsoft Project 2016 - multiple platforms
- Microsoft Publisher 2016
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SQL Server - multiple versions and platforms
- Microsoft Teams for iOS
- Microsoft Visio 2016 multiple platforms
- Microsoft Visual Studio 2022 - multiple versions
- .NET - version 8.0
- Power Automate for Desktop
- Remote Desktop client for Windows Desktop
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1539 | Adobe Security Advisory. [Published Date: 2024-09-10]
[Id:2024.09.10.004]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Acrobat DC - versions 24.003.20054 and prior (Windows), version 24.002.21005 and prior (MacOS)
- Acrobat Reader DC - version 24.003.20054 and prior (Windows), version 24.002.21005 and prior (MacOS)
- Acrobat 2024 - version 24.001.30159 and prior
- Acrobat 2020 - version 20.005.30655 and prior
- Adobe Audition - version 24.4.1 and prior, version 23.6.6 and prior
- Adobe After Effects - version 24.5 and prior, version 23.6.6 and prior
- Adobe Media Encoder - versions 24.6 and 23.6.9
- Adobe Premiere Pro - version 24.5 and prior, version 23.6.8 and prior
- Illustrator 2024 - version 28.6 and prior
- Illustrator 2023 - version 27.9.5 and prior
- Acrobat Reader 2020 - version 20.005.30655 and prior
- ColdFusion 2023 - version Update 9 and prior
- ColdFusion 2021 - version Update 15 and prior
- Photoshop 2023 - version 24.7.4 and prior
- Photoshop 2024 - version 25.11 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1540 | Citrix Security Advisory. [Published Date: 2024-09-10]
[Id:2024.09.10.005]
details...
Citrix published a security Advisory to address a vulnerability in Citrix Workspace App for Windows.
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1541 | Ubuntu Security Advisory [Published Date: 2024-09-08]
[Id:2024.09.08.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting Ubuntu 18.04 ESM.
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1542 | Red Hat Security Advisory. [Published Date: 2024-09-08]
[Id:2024.09.08.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1543 | Dell Security Advisory. [Published Date: 2024-09-08]
[Id:2024.09.08.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - CloudBoost Virtual Appliance - versions 19.7 to 19.11
- DELL EMC Metronode - versions prior to 8.0.1
Review the following advisories and apply the necessary updates: | Dell |
| 1544 | SonicWall Security Advisory. [Published Date: 2024-09-06]
[Id:2024.09.06.001]
details...
SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - SOHO (Gen 5) 5.9.2.14-12o and older versions
- Gen6 Firewalls 6.5.4.14-109n and older versions
- Gen7 Firewalls SonicOS build version 7.0.1-5035 and older versions
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1545 | Cisco Security Advisory. [Published Date: 2024-09-04]
[Id:2024.09.04.001]
details...
Cisco published a security advisory to address a vulnerability in the Cisco Smart Licensing Utility - versions 2.0.0, 2.1.0 and 2.2.0.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1546 | Drupal Security Advisory. [Published Date: 2024-09-04]
[Id:2024.09.04.002]
details...
Drupal published security advisories to address vulnerabilities in Advanced Paragraphs table - versions prior to 8.x-1.23.0 and versions prior to 2.0.2.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1547 | Veeam Security Advisory. [Published Date: 2024-09-04]
[Id:2024.09.04.003]
details...
Veeam published security advisories to address vulnerabilities in the following products: - Veeam Backup & Replication - 12.x version 12.1.2.172 and prior
- Veeam ONE - 12.x version 12.1.0.3208 and prior
- Veeam Service Provider Console - 8.x version 8.0.0.19552 and prior
- Veeam Agent for Linux - 6.x version 6.1.2.1781 and prior
- Veeam Backup for Nutanix AHV - 12.x version 12.5.1.8 and prior
- Veeam Backup for Oracle Linux Virtualization Manager - 12.x version 12.4.1.45 and prior
Review the Veeam Security Advisory and apply the necessary updates. | Veeam |
| 1548 | IBM Security Advisory. [Published Date: 2024-09-03]
[Id:2024.09.03.001]
details...
IBM published security advisory to address vulnerability IBM Concert Software - versions 1.0F03.
Review the IBM Security Bulletins - 7166857 and apply the necessary updates. | IBM |
| 1549 | Mozilla Security Advisory. [Published Date: 2024-09-03]
[Id:2024.09.03.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox ESR - versions prior to 115.15
- Firefox ESR - versions prior to 128.2
- Firefox - versions prior to 130
Review the following advisories and apply the necessary updates: | Mozilla |
| 1550 | VMware Security Advisory. [Published Date: 2024-09-03]
[Id:2024.09.03.003]
details...
VMware released a security advisory to address multiple vulnerabilities in VMware Fusion - versions 13.x prior to 13.6.
Review VMware security advisory VMSA-2024-0018 and apply the necessary updates. | Broadcom |
| 1551 | HPE Security Advisory. [Published Date: 2024-09-03]
[Id:2024.09.03.004]
details...
HPE published a security advisory to address vulnerabilities in the HPE Unified OSS Console (UOC) - versions prior to v3.1.8.
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1552 | Android security advisory - September 2024 Monthly Rollup. [Published Date: 2024-09-03]
[Id:2024.09.03.005]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1553 | HPE Security Advisory. [Published Date: 2024-09-03]
[Id:2024.09.03.006]
details...
HPE published a security advisory to address vulnerabilities in the HPE Virtual Tape Repository (VTR) - versions T0964V01 and T0964V01 AAA to AAJ.
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1554 | Dell Security Advisory. [Published Date: 2024-09-01]
[Id:2024.09.01.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:: - APEX Cloud Platform Foundation Software - versions prior to 03.01.00.00
- APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.14.31
- Dell Connectrix (Brocade) - versions prior to 9.2.0
- Dell RecoverPoint for Virtual Machines - version 6.0.sp1
- PowerScale OneFS - multiple versions
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1555 | Ubuntu Security Advisory. [Published Date: 2024-09-01]
[Id:2024.09.01.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
Review the following advisories and apply the necessary updates: | Ubuntu |
| 1556 | Red Hat Security Advisory. [Published Date: 2024-09-01]
[Id:2024.09.01.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1557 | Google Chrome Security Advisory. [Published Date: 2024-08-28]
[Id:2024.08.28.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 128.0.6613.113 for Linux and prior to 128.0.6613.113/.114 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1558 | Cisco Security Advisory. [Published Date: 2024-08-28]
[Id:2024.08.28.002]
details...
Cisco published a security advisory to address a vulnerability in the Nexus 3000, 7000 and 9000 Series Switches running Cisco NX-OS Software.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1559 | Google Chrome Security Advisory. [Published Date: 2024-08-28]
[Id:2024.08.28.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 128.0.6613.137 for Linux and prior to 128.0.6613.137/.138 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1560 | Ubuntu Security Advisory. [Published Date: 2024-08-25]
[Id:2024.08.25.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1561 | Dell Security Advisory. [Published Date: 2024-08-25]
[Id:2024.08.25.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell NetWorker Runtime Environment (NRE) - version 8.0.21
- PowerSwitch Z9664F-ON - versions prior to v3.54.5.1-7
Review the following advisories and apply the necessary updates: | Dell |
| 1562 | Red Hat Security Advisory. [Published Date: 2024-08-25]
[Id:2024.08.25.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1563 | SonicWall Security Advisory. [Published Date: 2024-08-22]
[Id:2024.08.22.001]
details...
SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - SonicWall SOHO (Gen 5) - versions prior to 5.9.2.14-13o
- SonicWall SOHO (Gen 6) - versions prior to 6.5.2.8-2n (SM9800, NSsp 12400, NSsp 12800) and 6.5.4.15.116n (other Gen6 Firewall appliances)
- SonicWall SOHO (Gen 7) - versions 7.0.1-5035 and prior
Review the SonicWall Security Advisory and apply the necessary updates. | Sonicwall |
| 1564 | Microsoft Edge Security Advisory. [Published Date: 2024-08-22]
[Id:2024.08.22.002]
details...
| Microsoft |
| 1565 | Atlassian Security Advisory. [Published Date: 2024-08-21]
[Id:2024.08.21.001]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Confluence Data Center and Server - multiple versions
- Crowd Data Center and Server - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1566 | GitHub Security Advisory. [Published Date: 2024-08-21]
[Id:2024.08.21.002]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitHub Enterprise Server - versions 3.13.x prior to 3.13.3
- GitHub Enterprise Server - versions 3.12.x prior to 3.12.8
- GitHub Enterprise Server - versions 3.11.x prior to 3.11.14
- GitHub Enterprise Server - versions 3.10.x prior to 3.10.16
Review the following advisories and apply the necessary updates: | Github |
| 1567 | Drupal Security Advisory. [Published Date: 2024-08-21]
[Id:2024.08.21.003]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Opigno module - versions prior to 7.x-1.23
- Opigno TinCan Question Type module - versions prior to 7.x-1.3
Review the following advisories and apply the necessary updates: | Drupal |
| 1568 | Google Chrome Security Advisory. [Published Date: 2024-08-21]
[Id:2024.08.21.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 128.0.6613.84 for Linux and prior to 128.0.6613.84/.85 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1569 | SolarWinds Security Advisory. [Published Date: 2024-08-21]
[Id:2024.08.21.005]
details...
SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Web Help Desk (WHD) - version 12.8.3 HF1 and prior.
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1570 | Ubuntu Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1571 | Dell Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell EMC VxRail Appliance - 8.0.x versions prior to 8.0.300
- Dell Power Protect DP Series Appliance/Dell Integrated Data Protection Appliance - versions 2.7.0 to 2.7.6
Review the following advisories and apply the necessary updates: | Dell |
| 1572 | IBM Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM App Connect Enterprise Certified Container - multiple versions
- IBM Cloud Pak for Security - version 1.10.0.0 to 1.10.11.0
- IBM Cognos Dashboards on Cloud Pak for Data - multiple versions
- IBM Observability with Instana OnPrem - version Build 278
- IBM Storage Defender - Data Protect - version 1.0.0 to 2.0.5
- PowerVC - versions 2.1.1, 2.1.1.1, 2.2.0 and 2.2.1
- QRadar Suite Software - version 1.10.12.0 to 1.10.23.0
- data - version 1.0.0 to 2.0.0
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1573 | Red Hat Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1574 | IBM Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.005]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Cloud APM, Base Private and Advanced Private - versions 8.1.4.0 to 8.1.4.0 IF15
- IBM Concert Software - version 1.0
- IBM Maximo Application Suite - AI Broker - version 1.0.0
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP9 IF01
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1575 | IBM Security Advisory. [Published Date: 2024-08-18]
[Id:2024.08.18.006]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Cloud Pak for Business Automation - multiple versions
- IBM Cloud Transformation Advisor - version 2.0.1 to 3.10.0
- IBM i Modernization Engine for Lifecycle Integration - versions 1.0 to 1.4.8 and 2.0 to 2.0.2
- ICP - Discovery - versions 4.0.0 to 4.8.5 and version 5.0.0
- QRadar Suite Software - version 1.10.12.0 to 1.10.24.0
- watsonx.data - version 1.0.0 to 2.0.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1576 | Palo Alto Networks Security Advisory. [Published Date: 2024-08-15]
[Id:2024.08.15.001]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Palo Alto Networks Prisma Access Browser - version prior to 127.100.2858.4.
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1577 | Microsoft Edge Security Advisory. [Published Date: 2024-08-15]
[Id:2024.08.15.002]
details...
| Microsoft |
| 1578 | Adobe Security Advisory. [Published Date: 2024-08-14]
[Id:2024.08.14.001]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Acrobat 2024 - version 24.001.30123 and prior
- Acrobat 2020 - version 20.005.30636 and prior (Windows), version 20.005.30635 and prior (MacOS)
- Acrobat DC - version 24.002.20991 and prior (Windows), version 24.002.20964 and prior (MacOS)
- Acrobat Reader 2020 - version 20.005.30636 and prior (Windows), version 20.005.30635 and prior (MacOS)
- Acrobat Reader DC - version 24.002.20991 and prior (Windows), version 24.002.20964 and prior (MacOS)
- Adobe Bridge - version 13.0.8 and prior, version 14.1.1 and prior
- Adobe Commerce - multiple versions
- Adobe Dimension - version 3.4.11 and prior
- Adobe InCopy - version 19.4 and prior, version 18.5.2 and prior
- Adobe InDesign - version ID19.4 and prior, version ID18.5.2 and prior
- Adobe Substance 3D Designer - version 13.1.2 and prior
- Adobe Substance 3D Sampler - version 4.5 and prior
- Adobe Substance 3D Stager " version 3.0.2 and prior
- Illustrator 2024 - version 28.5 and prior
- Illustrator 2023 - version 27.9.4 and prior
- Magento Open Source - multiple versions
- Photoshop 2023 - version 24.7.3 and prior
- Photoshop 2024 - version 25.9.1 and prior
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1579 | F5 Quarterly Security Notification. [Published Date: 2024-08-14]
[Id:2024.08.14.002]
details...
F5 published Quarterly Security Notification for multiple products. Included were updates for the following: - BIG-IP (all modules) - multiple versions and models
- BIG-IP Next Central Manager - version 20.1.0
- NGINX Plus - versions R30 to R32
Review the F5 Security Advisories and apply the necessary updates. | F5 |
| 1580 | SAP Security Advisory. [Published Date: 2024-08-13]
[Id:2024.08.13.001]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP Build Apps - versions prior to 4.11.130
- SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430 and 440
Review the SAP Security Patch Day - August 2024 and apply the necessary updates. | SAP |
| 1581 | Ivanti Security Advisory. [Published Date: 2024-08-13]
[Id:2024.08.13.002]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Virtual Traffic Manager - versions 22.2, 22.3, 22.3R2, 22.5R1, 22.6R1 and 22.7R1
- Ivanti Neurons for ITSM - versions 2023.2, 2023.3 and 2023.4
- Ivanti Avalanche - versions 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.4.0, 6.4.1, 6.4.2 and 6.4.3
Review the following advisories and apply the necessary updates: | ivanti |
| 1582 | Red Hat Security Advisory. [Published Date: 2024-08-11]
[Id:2024.08.11.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1583 | IBM Security Advisory. [Published Date: 2024-08-11]
[Id:2024.08.11.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - HMC - version OP940.00 to OP940.70
- IBM Business Automation Workflow containers - version V24.0.0
- IBM Business Automation Workflow traditional - version V24.0.0
- IBM CICS TX Advanced - versions 10.1 and 11.1
- IBM CICS TX Standard - version 11.1
- IBM Cloud Pak for Data - version 4.0.0 to 4.8.4
- IBM Common Licensing - versions ART 9.0 and Agent 9.0
- IBM Maximo Application Suite - versions 8.1, 8.11 and 9.0
- IBM Maximo Application Suite - Monitor Component - versions 8.10, 8.10.12, 8.11, 8.11.9 and 9.0.0
- IBM Operational Decision Manager - versions 8.11.0.1, 8.11.1.0 and 8.12.0.1
- IBM Security Verify Information Queue - versions 10.0.5, 10.0.6, 10.0.7 and 10.0.8
- IBM Storage Ceph - versions 5.3 to 5.3z6, 5.3z1 to z6, 6.1 to 6.1z4, 6.1 to 6.1z6, 7.0 to 7.0z1, 7.0 to 7.0z2 and version 6.0.
- IBM TXSeries for Multiplatforms - versions 8.1, 8.2 and 9.1
- IBM Watson Assistant for IBM Cloud Pak for Data - versions 4.0 to 5.0
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - version 4.0.0 to 5.0.0
- OPENBMC - versions FW1020.00 to FW1020.60, FW1030.00 to FW1030.50, FW1050.00 to FW1050.10, OP910.00 to OP910.80 and OP940.00 to OP940.60
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1584 | Dell Security Advisory. [Published Date: 2024-08-11]
[Id:2024.08.11.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Avamar NDMP Accelerator - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10 sp1 running suse linux enterprise 12 sp5
- Dell Avamar Server Hardware Appliance Gen4T/ Gen5A - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10-sp1 running suse linux enterprise 12 sp5
- Dell Avamar Virtual Edition - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10-sp1 running suse linux enterprise 12 sp5
- Dell Avamar VMware Image Proxy - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10-sp1 running suse linux enterprise 12 sp5
- Dell Networker Virtual Edition (NVE) - versions 19.10.x, 19.11.x running suse linux enterprise 12 sp5, 19.5.x, 19.6.x, 19.7.x, 19.8.x, 19.9.x and versions 19.4.x
- Dell Power Protect DP Series Appliance / Dell Integrated Data Protection Appliance (IDPA) - version 2.7.x running sles12sp5 and version 2.7.6 and prior
- Dell Protection Advisor - versions 19.7, 19.8 and 19.9
- XtremIO X2 - versions prior to 6.4.2-13
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1585 | Ubuntu Security Advisory. [Published Date: 2024-08-11]
[Id:2024.08.11.004]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1586 | Foxit Security Advisory. [Published Date: 2024-08-09]
[Id:2024.08.09.001]
details...
Foxit published security advisories to address vulnerabilities in the following products: - Foxit PDF Editor for Windows - multiple versions
- Foxit PDF Reader for Windows - versions 2024.2.2.25170 and prior
- Foxit PDF Editor for Mac - 2024.2.2.64388, 2024.2.1.64379, 2024.2.0.64371, and 2024.1.0.63682
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 1587 | Cisco Security Advisory. [Published Date: 2024-08-08]
[Id:2024.08.08.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Small Business SPA300 Series IP Phones - all versions
- Cisco Small Business SPA500 Series IP Phones - all versions
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1588 | F5 Security Advisory. [Published Date: 2024-08-08]
[Id:2024.08.08.002]
details...
F5 published security updates for multiple products. Included were updates for the following: - BIG-IP - multiple versions and models
- Traffix SDC - versions 5.2.0 and 5.1.0
Review the F5 Security Advisories and apply the necessary updates. | F5 |
| 1589 | Microsoft Edge Security Advisory. [Published Date: 2024-08-08]
[Id:2024.08.08.003]
details...
| Microsoft |
| 1590 | Cisco Security Advisory. [Published Date: 2024-08-08]
[Id:2024.08.08.004]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco Unified CM - versions 12.5(1), 14S and 15
- Cisco Unified CM SME - versions 12.5(1), 14 and 15
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1591 | Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory. [Published Date: 2024-08-07]
[Id:2024.08.07.001]
details...
Federal Bureau of Investigation (FBI)-released an update to joint Cybersecurity Advisory Royal Ransomware, BlackSuit (Royal) Ransomware. The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these TTPs and IOCs as recently as July 2024. BlackSuit ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, commercial facilities, healthcare and public health, government facilities, and critical manufacturing.
Review the updated joint advisory to protect and detect malicious activity. | Cisa |
| 1592 | Jenkins Security Advisory. [Published Date: 2024-08-07]
[Id:2024.08.07.002]
details...
Jenkins, the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software, released a security advisory for its vulnerability in Jenkins (core) - multiple versions.
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1593 | Drupal Security Advisory. [Published Date: 2024-08-07]
[Id:2024.08.07.003]
details...
Drupal published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Opigno group manager - versions prior to 3.1.1
- Opigno Learning path - versions prior to 3.1.2
- Opigno module - versions prior to 3.1.2
Review the following advisories and apply the necessary updates: | Drupal |
| 1594 | Red Hat Security Advisory [Published Date: 2024-08-06]
[Id:2024.08.06.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1595 | Mozilla Security Advisory [Published Date: 2024-08-06]
[Id:2024.08.06.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox ESR - versions prior to 115.14
- Firefox ESR - versions prior to 128.1
- Firefox - versions prior to 129
Review the following advisories and apply the necessary updates: | Mozilla |
| 1596 | Google Chrome Security Advisory. [Published Date: 2024-08-06]
[Id:2024.08.06.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 127.0.6533.99 for Linux and prior to 127.0.6533.99/.100 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1597 | Dell Security Advisory. [Published Date: 2024-08-06]
[Id:2024.08.06.004]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:: - Dell Cyber Sense - version 8.6 and prior
- Dell EMC XC Core XC7525 - versions prior to 2.16.2
- Dell Power Protect Data Manager - versions prior to 19.17
- Dell PowerProtect Data Manager DM5500 Appliance - version 5.16 and prior
- Dell SmartFabric OS10 - version 10.5.6.2
- Dell XC Core XC7625 - versions prior to 1.8.3
- PowerEdge - multiple versions and models
- PowerFlex rack - versions prior to 3.7.5.1
- PowerFlex rack - versions prior to 3.8.0.1
- PowerProtect Cyber Recovery - version 19.16.0.2 and prior
- PowerStore 1000X - versions prior to 3.2.1.3-2334099
- PowerStore 3000X - versions prior to 3.2.1.3-2334099
- PowerStore 5000X - versions prior to 3.2.1.3-2334099
- PowerStore 7000X - versions prior to 3.2.1.3-2334099
- PowerStore 9000X - versions prior to 3.2.1.3-2334099
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1598 | IBM Security Advisory. [Published Date: 2024-08-06]
[Id:2024.08.06.005]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Cloud Pak System - multiple versions
- IBM IBM Control Center - versions 6.2.1 and 6.3.0
- IBM ICP - Discovery - versions 4.0.0 to 4.8.4
- IBM ICP - Discovery - versions 4.0.0 to 5.0.0
- IBM Integration Bus for z/OS - versions 10.1 to 10.1.0.4
- IBM MQ Appliance - versions 9.3 LTS and 9.3 CD
- IBM Maximo Application Suite - version 8.9.3
- IBM Netcool Operations Insight - multiple versions
- IBM Planning Analytics Local and Analytics Workspace - versions 2.1 and 2.0
- IBM Storage Protect Plus Server - versions 10.1.0 - 10.1.16.1
- IBM Total Storage Service Console (TSSC) / TS4500 IMC - versions 9.2.11 to 9.5.8
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1599 | HPE Security Advisory. [Published Date: 2024-08-06]
[Id:2024.08.06.006]
details...
HPE published a security advisory to address vulnerabilities in the following products: - InstantOS - versions prior to 12.x.x: 8.12.0.2
- InstantOS - versions prior 10.x.x: 8.10.0.13
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1600 | Android Security Advisory - August 2024 Monthly Rollup [Published Date: 2024-08-05]
[Id:2024.08.05.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1601 | Ubuntu Security Advisory [Published Date: 2024-08-04]
[Id:2024.08.04.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1602 | Microsoft Edge Security Advisory. [Published Date: 2024-08-02]
[Id:2024.08.02.001]
details...
Microsoft published a security update to address a vulnerability in the following product: - Microsoft Edge Stable Channel - versions prior to 127.0.2651.86
- Microsoft Edge Extended Stable Channel - versions prior to 126.0.2592.132
Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates. | Microsoft |
| 1603 | HPE Security Advisory. [Published Date: 2024-08-01]
[Id:2024.08.01.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy - versions prior to v9.1.1d2, v9.2.0b1 and v9.2.1
- HPE SAN Director Switch - multiple models and versions prior to v9.1.1d2, v9.2.0b1 and v9.2.1
- HPE B-series SN2600B SAN Extension Switch - versions prior to v9.1.1d2, v9.2.0b1 and v9.2.1
- HPE B-series SN4700B SAN Extension Switch - versions prior to v9.1.1d2, v9.2.0b1 and v9.2.1
- HPE B-series Fibre Channel Switch - multiple models and versions prior to v9.1.1d2, v9.2.0b1 and v9.2.1
Review the following HPE Security Advisory and apply the necessary updates. | HPE |
| 1604 | Ransomware Attack to Service Providers of Financial Institutions. [Published Date: 2024-08-01]
[Id:2024.08.01.002]
details...
| BGD e-GOV CIRT (BDNCIRT |
| 1605 | Apple Security Advisory. [Published Date: 2024-07-30]
[Id:2024.07.30.001]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 15.8.3
- iOS and iPadOS - versions prior to iOS 16.7.9
- iOS and iPadOS - versions prior to 17.6
- macOS Monterey - versions prior to 12.7.6
- macOS Sonoma - versions prior to 14.6
- macOS Ventura - versions prior to 13.6.8
- Safari - versions prior to 17.6
- tvOS - versions prior to 17.6
- visionOS - versions prior to 1.3
- watchOS - versions prior to 10.6
Review Apple security releases and apply necessary updates. | Apple |
| 1606 | HPE Security Advisory. [Published Date: 2024-07-30]
[Id:2024.07.30.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - ClearPass Policy Manager 6.12.x - version 6.12.1 and prior
- ClearPass Policy Manager 6.11.x - version 6.11.8 and prior
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1607 | DigiCert Certificate Revocations. [Published Date: 2024-07-30]
[Id:2024.07.30.003]
details...
DigiCert, a certificate authority (CA) organization, is revoking a subset of transport layer security (TLS) certificates due to a non-compliance issue with domain control verification (DCV). Revocation of these certificates may cause temporary disruptions to websites, services, and applications relying on these certificates for secure communication. DigiCert has notified affected customers and provided instructions on how to replace non-compliant certificates.
DigiCert customers to check their DigiCert account to view any non-compliant certificates and reissue/rekey certificates. See DigiCert’s Revocation Incident Notice for customer instructions and more information. | Digicert |
| 1608 | Google Chrome Security Advisory. [Published Date: 2024-07-30]
[Id:2024.07.30.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 127.0.6533.88 for Linux and prior to 127.0.6533.88/89 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1609 | Dell Security Advisory. [Published Date: 2024-07-28]
[Id:2024.07.28.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - DD3300 Appliance - versions prior to 7.10.1.0, 7.11.0.0 and 7.7.5.1
- DD6400 Appliance - versions prior to 7.10.1.0, 7.11.0.0 and 7.7.5.1
- DD6900 Appliance - versions prior to 7.10.1.0 and 7.11.0.0
- DD9400 Appliance - versions prior to 7.10.1.0, 7.11.0.0 and 7.7.5.1
- DD9410 Appliance - versions prior to 8.1.0.0 and 8.2.0.0
- DD9900 Appliance - versions prior to 7.10.1.0, 7.11.0.0 and 7.7.5.1
- DD9910 Appliance - versions prior to 8.1.0.0 and 8.2.0.0
- Dell Protection Advisor - versions 19.8, 19.9 and 19.10
- Dell Power Protect Data Manager - versions prior to 19.17 build 10
- Dell PowerProtect DDOS - multiple products and versions
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1610 | IBM Security Advisory. [Published Date: 2024-07-28]
[Id:2024.07.28.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - CICS Transaction Gateway Desktop Edition - versions 9.2 and 9.3
- HMC V10.2.1030.0 - version V10.2.1030.0
- HMC V10.3.1050.0 - version V10.3.1050.0
- IBM CICS Transaction Gateway for Multiplatforms - versions 9.2 and 9.3
- IBM WebSphere Remote Server - versions 8.5, 9.0 and 9.1
- IBM Storage Ceph - multiple versions
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP8 IF03
- IBM QRadar Network Packet Capture - versions 7.5.0 to 7.5.0 Update Package 7
- IBM QRadar Data Synchronization App - versions 1.0 to 3.1.2
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1611 | Ubuntu Security Advisory. [Published Date: 2024-07-28]
[Id:2024.07.28.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1612 | Red Hat Security Advisory. [Published Date: 2024-07-28]
[Id:2024.07.28.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1613 | Microsoft Edge Security Advisory. [Published Date: 2024-07-25]
[Id:2024.07.25.001]
details...
| Microsoft |
| 1614 | Advisory on Web Application and Database Security. [Published Date: 2024-07-25]
[Id:2024.07.25.001]
details...
| BGD e-GOV CIRT |
| 1615 | ISC Releases Security Advisories for BIND 9. [Published Date: 2024-07-24]
[Id:2024.07.24.001]
details...
The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9.
Review the following ISC Security Advisory and apply the necessary updates. | CVE |
| 1616 | Google Chrome Security Advisory. [Published Date: 2024-07-24]
[Id:2024.07.24.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 127.0.6533.72 for Linux and prior to 127.0.6533.72/73 for Windows, and Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1617 | HPE Advisory. [Published Date: 2024-07-23]
[Id:2024.07.23.001]
details...
HPE published a security advisory to address vulnerabilities for the following products: - HPE Alletra 4110 - version 2.20_05-27-2024 and prior
- HPE Alletra 4120 - version 2.20_05-27-2024 and prior
- HPE Compute Edge Server e930t - version 2.20_05-27-2024 and prior
- HPE ProLiant - multiple versions and platforms
- HPE Synergy - multiple versions and platforms
- HPE Apollo - multiple versions and platforms
- HPE Edgeline - multiple versions and platforms
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1618 | IBM Security Advisory. [Published Date: 2024-07-22]
[Id:2024.07.22.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - IBM Engineering Requirements Management DOORS - version 9.7.2.8
- IBM Engineering Requirements Management DOORS Web Access - version 9.7.2.8
- IBM Robotic Process Automation - version 21.0.0 to 21.0.7.14 and 23.0.0 to 23.0.14
- IBM Robotic Process Automation for Cloud Pak - version 21.0.0 to 21.0.7.14 and 23.0.0 to 23.0.14
- IBM Security Guardium - version 12.0
- IBM Storage Ceph - multiple versions
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1619 | Dell Security Advisory. [Published Date: 2024-07-22]
[Id:2024.07.22.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Data Protection Search - versions 19.4.0, 19.5.0, 19.5.1, 19.6.0, 19.6.1, 19.6.2, 19.6.3, 19.6.4 and 19.3.0
- Dell ECS - versions prior to 3.8.1.1
- Integrated Data Protection Appliance (IDPA) - versions prior to 2.7.6
Review the following Dell Security Advisory and apply the necessary updates. | Dell |
| 1620 | Ubuntu Security Advisory. [Published Date: 2024-07-22]
[Id:2024.07.22.003]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1621 | HPE Security Advisory. [Published Date: 2024-07-22]
[Id:2024.07.22.004]
details...
HPE published a security advisory to address a vulnerability in the following products: - HPE Alletra 4110 and 4120 - versions prior to 2.20_05-27-2024
- HPE ProLiant - multiple versions and platforms
- HPE Synergy 480 and 660 - versions prior to v3.20_05-27-2024
- HPE Apollo 2000 and 4200 - versions prior to v2.10_05-27-2024
- HPE Edgeline - multiple versions and platforms
- HPE Compute Edge Server e930t - versions prior to v2.20_05-27-2024
- HPE EdgeConnect SD-Wan orchestrator - multiple versions and platforms
- HPE Unified OSS Console Assurance Monitoring (UOCAM) - versions prior to 3.1.7
- HPE Aruba networking EdgeConnect SD-Wan - multiple versions and platforms
Review the following HPE Security Advisory and apply the necessary updates. | HPE |
| 1622 | Red Hat Security Advisory. [Published Date: 2024-07-21]
[Id:2024.07.21.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1623 | Microsoft Edge Security Advisory. [Published Date: 2024-07-18]
[Id:2024.07.18.001]
details...
| Microsoft |
| 1624 | Google Chrome Security Advisory. [Published Date: 2024-07-17]
[Id:2024.07.17.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 126.0.6478.182 for Linux and prior to 126.0.6478.182/183 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1625 | HPE 3PAR security advisory. [Published Date: 2024-07-17]
[Id:2024.07.17.002]
details...
HPE published a security advisory to address vulnerabilities in the HPE 3PAR Service Processor - versions v5.1.1 and prior.
Review the HPE Security Bulletin - hpesbst04663 and apply the necessary updates. | HPE |
| 1626 | Oracle security advisory - July 2024 quarterly rollup. [Published Date: 2024-07-17]
[Id:2024.07.17.003]
details...
Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following: - Oracle MySQL
- Oracle Analytics
- Oracle Communications Applications
- Oracle Communications
- Oracle Financial Services Application
- Oracle Fusion Middleware
- Oracle Siebel CRM
Review Oracle Critical Patch Update Advisory - July 2024 and apply the necessary updates. | Oracle |
| 1627 | Cisco security advisory. [Published Date: 2024-07-17]
[Id:2024.07.17.004]
details...
Cisco published a security advisory to address a vulnerability in the OpenSSH Server used in multiple products.
Review the following Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1628 | Cisco Security Advisory. [Published Date: 2024-07-17]
[Id:2024.07.17.005]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cisco AsyncOS for Secure Web Appliance - versions 14.5, 15.0 and 15.1
- Cisco Secure Email Gateway - Content Scanner Tools versions prior to 23.3.0.4823
- Cisco Smart Software Manager On-Prem (SSM On-Prem) - version 8-202206 and prior
- RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS) used by multiple devices
Review the following Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1629 | Oracle Security Advisory. [Published Date: 2024-07-17]
[Id:2024.07.17.006]
details...
| Oracle |
| 1630 | Ivanti Security Advisory. [Published Date: 2024-07-16]
[Id:2024.07.16.001]
details...
| ivanti |
| 1631 | Atlassian Security Advisory. [Published Date: 2024-07-16]
[Id:2024.07.16.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center and Server - multiple versions
- Confluence Data Center and Server - multiples versions
- Jira Data Center and Server - multiples versions
- Jira Service Management Data Center and Server - multiples versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1632 | Juniper Networks Security Advisory. [Published Date: 2024-07-16]
[Id:2024.07.16.003]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - BBE Cloudsetup (BCS) - versions prior to 2.1.0
- Junos OS - multiple versions
- Juno OS Evolved - multiple versions
- Junos Space - versions prior to 24.1R1
Review the Juniper Networks Security Advisories and apply the necessary updates. | Juniper |
| 1633 | Dell Security Advisory. [Published Date: 2024-07-15]
[Id:2024.07.15.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell EMC VxRail Appliance - 8.0.x versions prior to 8.0.213
- PowerFlex Custom Node - versions prior to 1.13.2, versions prior to 1.7.2, versions prior to 2.1.5 and versions prior to 2.14.1
- VxFlex Ready Node - versions prior to 2.21.2
Review the following advisories and apply the necessary updates: | Dell |
| 1634 | Red Hat Security Advisory. [Published Date: 2024-07-15]
[Id:2024.07.15.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1635 | Ubuntu Security Advisory. [Published Date: 2024-07-14]
[Id:2024.07.14.001]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1636 | IBM Security Advisory for QRadar SIEM. [Published Date: 2024-07-14]
[Id:2024.07.14.002]
details...
| IBM |
| 1637 | Palo Alto Networks Security Advisory. [Published Date: 2024-07-10]
[Id:2024.07.10.001]
details...
Palo Alto Networks published a security advisory to address a critical vulnerability in Palo Alto Networks Expedition - versions prior to 1.2.92.
Review the Palo Alto Networks Security Advisory and apply the necessary updates. | Palo Alto Networks |
| 1638 | VMware Security Advisory. [Published Date: 2024-07-10]
[Id:2024.07.10.002]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Aria Automation - versions 8.x
- VMware Cloud Foundation - versions 5.x and 4.x
Review the following advisories and apply the necessary updates: | Vmware |
| 1639 | GitHub Security Advisory. [Published Date: 2024-07-10]
[Id:2024.07.10.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitLab Community Edition (CE) - versions prior to 17.1.2, 17.0.4 and 16.11.6
- GitLab Enterprise Edition (EE) - versions prior to 17.1.2, 17.0.4 and 16.11.6
Review the provided GitLab Critical Patch Release: 17.1.2, 17.0.4, 16.11.6 and perform the suggested mitigations. | Gitlab |
| 1640 | Citrix Security Advisory. [Published Date: 2024-07-09]
[Id:2024.07.09.001]
details...
Citrix published security advisories to address vulnerabilities in the following products: - Citrix Virtual Apps and Desktops - versions prior to 2402 Long Term Service Release (LTSR)
- Citrix Virtual Apps and Desktops - version 1912 LTSR prior to CU9
- Citrix Virtual Apps and Desktops - version 2203 LTSR prior to CU5
- NetScalar Console - multiple versions
- NetScalar SVM - multiple versions
- NetScalar Agent - multiple versions
Review the following advisories and apply the necessary updates: | Citrix |
| 1641 | Microsoft July 2024 Security Updates. [Published Date: 2024-07-09]
[Id:2024.07.09.002]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Azure Network Watcher VM Extension for Windows
- Azure Kinect SDK
- Azure CycleCloud - multiple versions and platforms
- Azure DevOps Server 2022.1
- Microsoft 365 Apps for Enterprise - multiple platforms
- Microsoft .NET Framework - multiple versions and platforms
- Microsoft Defender for IoT
- Microsoft Dynamics 365 (on-premise) - version 9.1
- Microsoft OLE DB Driver for SQL Server - versions 18 and 19
- Microsoft Office - multiple versions and platforms
- Microsoft Outlook 2016
- Microsoft SQL Server - multiple versions and platforms
- Microsoft SharePoint Server - multiple versions and platforms
- Microsoft Visual Studio - multiple versions and platforms
- .NET - version 8.0
- Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates ( Security Update Guide). | Microsoft |
| 1642 | Fortinet Security Advisory. [Published Date: 2024-07-09]
[Id:2024.07.09.003]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiADC 7.4 - versions prior to 7.4.1
- FortiADC 7.2 - versions prior to 7.2.4
- FortiADC 7.1 - all versions
- FortiADC 7.0 - all versions
- FortiADC 6.2 - all versions
- FortiADC 6.1 - all versions
- FortiADC 6.0 - all versions
- FortiAIOps 2.0 - versions prior to 2.0.1
- FortiExtender 7.4 - versions prior to 7.4.3
- FortiExtender 7.2 - versions prior to 7.2.5
- FortiExtender 7.0 - versions prior to 7.0.5
Review the following advisories and apply the necessary updates: | Fortinet |
| 1643 | Mozilla Security Advisory. [Published Date: 2024-07-09]
[Id:2024.07.09.004]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox - versions prior to 128
- Firefox ESR - versions prior to 115.13
Review the following advisories and apply the necessary updates: | Mozilla |
| 1644 | Adobe Security Advisory. [Published Date: 2024-07-09]
[Id:2024.07.09.005]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe Adobe Premiere Pro
- Adobe InDesign
- Adobe Bridge
Review the following advisories and apply the necessary updates: | Adobe |
| 1645 | Red Hat Security Advisory. [Published Date: 2024-07-09]
[Id:2024.07.09.006]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1646 | Dell Security Advisory. [Published Date: 2024-07-07]
[Id:2024.07.07.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell Data Protection Central - version 19.10.0-4 and prior
- Dell EMC VxRail Appliance - 7.0.x versions prior to 7.0.521
- Dell Storage Monitoring and Reporting - versions prior to 5.0.1.0
- Dell Storage Resource Manager - versions prior to 5.0.1.0
- NetWorker vProxy - versions 19.10 to 19.10.0.3, versions 19.8 to 19.8.0.4, versions 19.9 to 19.9.0.7 and versions prior to 19.8
- PowerScale - multiple models and versions prior to 12.2
- PowerStore - multiple models and versions
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1647 | Ubuntu Security Advisory. [Published Date: 2024-07-07]
[Id:2024.07.07.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
- Ubuntu 24.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1648 | IBM Security Advisory. [Published Date: 2024-07-07]
[Id:2024.07.07.003]
details...
| IBM |
| 1649 | Red Hat Security Advisory. [Published Date: 2024-07-03]
[Id:2024.07.03.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platform
- Red Hat Enterprise Linux Server - multiple versions and platform
- Red Hat Enterprise Linux for ARM 64 - multiple versions and platform
- Red Hat Enterprise Linux for IBM z Systems-multiple versions and platform
- Red Hat Enterprise Linux for Power-multiple versions and platform
- Red Hat Enterprise Linux for Real Time - multiple versions and platform
- Red Hat Enterprise Linux for x86_64 - multiple versions and platform
Review the Red Hat Security Advisories and apply the necessary updates. | Red Hat |
| 1650 | HPE Security Advisory. [Published Date: 2024-07-03]
[Id:2024.07.03.002]
details...
HPE published a security advisory to address a vulnerability in the following products: - HPE Cray EX235a Accelerator Blade - versions prior to BIOS 1.8.0 in HFP 24.3.1
- HPE Cray EX235n Server - versions prior to BIOS 1.3.1 in HFP 23.9
- HPE Cray EX425 Compute Blade - versions prior to BIOS 1.7.2 in HFP 23.9
- HPE Cray EX4252 Compute Blade - version prior to BIOS 1.4.0 in HFP 23.8
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1651 | HPE Security Advisory. [Published Date: 2024-07-03]
[Id:2024.07.03.003]
details...
HPE published a security advisory to address a vulnerability in the following products: - HPE Unified Console versions prior to v3.1.6
- HPE Aruba Networking - multiple products and versions
- HPE CrayXD665 - versions prior to BMC 1.14
- HPE CrayXD670 - versions prior to BMC 1.14
- HPE Moonshot1500 2.0 Chassis Manager Module - versions prior to v4.0-b43
Review the following HPE Security Advisory and apply the necessary updates. | HPE |
| 1652 | Dell Security Advisory. [Published Date: 2024-07-02]
[Id:2024.07.02.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Avamar Virtual Edition for Hyper-V 2012 " versions 19.4, 19.7, 19.8, 19.9 and 19.10
- Avamar Virtual Edition for Hyper-V 2012R2, Hyper-V 2016, and Hyper-V 2019 " versions 19.4, 19.7,19.8,19.9 and 19.10
- Avamar Virtual Edition for KVM/Open Stack KVM " versions 19.4, 19.7, 19.8, 19.9 and 19.10
- Avamar Virtual Edition for VMware ESXi and vSphere " versions 19.4, 19.7, 19.8, 19.9 and 19.10
- Avamar Virtual Edition for VMware vSphere only " versions 19.4, 19.7, 19.8, 19.9 and 19.10
- Dell Avamar Data Store Gen4T - version ADS Gen4T
- Dell Avamar Data Store Gen5A - version ADS Gen5A
- Dell Avamar Data Store Gen5A, Gen4T - versions 19.4, 19.7, 19.8, 19.9 and 19.10
- Dell Power Protect DP Series (Integrated Data Protection Appliance (IDPA)) - version 2.7.6 and prior (only 8x models)
- Dell PowerProtect DD Management Center with SmartScale feature - versions 7.8 to 7.13
- Dell PowerProtect DD Management Center - versions 7.0 through 7.13
- Dell PowerProtect DD Management Center - versions 7.0 through 7.13
- Dell PowerProtect DD appliance models: DD6300, DD6800, and DD9300 - versions 7.0 through 7.13
- Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage - versions 7.0 through 7.13
- Dell PowerProtect DP Series Appliance - IDPA (Integrated Data Protection Appliance): All Models - versions prior to 2.7.7
- Dell PowerProtect Data Manager Appliance model: DM5500 - versions prior to 5.16.0.0
- Dell Protection Advisor - versions 19.7, 19.8, 19.9 and 19.10
- PowerProtect Data Manager Appliance model: DM5500 - versions prior to 5.16.0.0
Review the provided Dell Security Advisory and apply the necessary updates | Dell |
| 1653 | IBM Security Advisory. [Published Date: 2024-07-02]
[Id:2024.07.02.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Cloud Pak for AIOps - versions 4.1.0 to 4.5.1
- IBM Cloud Transformation Advisor - versions 2.0.1 to 3.9.0
- IBM Cognos Analytics - versions 11.2.0 to 11.2.4 FP3, 12.0.0 to 12.0.2 and 12.0.0 to 12.0.3
- IBM Cognos Dashboards on Cloud Pak for Data - versions 4.7.0 to 5.0
- IBM Observability with Instana (OnPrem) - version Build 271
- IBM Jazz Foundation -versions 6.0.6, 6.0.6.1, 7.0, 7.0.1 and 7.0.2
Review the IBM security bulletins and apply the necessary updates. | IBM |
| 1654 | Ubuntu Security Advisory. [Published Date: 2024-07-02]
[Id:2024.07.02.003]
details...
| Ubuntu |
| 1655 | Cisco Security Advisory. [Published Date: 2024-07-02]
[Id:2024.07.02.004]
details...
Cisco published a security advisory addressing vulnerabilities in the Cisco NX-OS Software CLI Command.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1656 | OpenSSH Security Advisory. [Published Date: 2024-07-01]
[Id:2024.07.01.001]
details...
A vulnerability has been discovered in OpenSSH, which could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments for remote server management, secure file transfers, and various DevOps practices.
Review the OpenSSH Release Note and apply the necessary updates. | Openssh |
| 1657 | Android Security Advisory -July 2024 Monthly Rollup. [Published Date: 2024-07-01]
[Id:2024.07.01.002]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1658 | Microsoft Edge Security Advisory. [Published Date: 2024-06-28]
[Id:2024.06.28.001]
details...
| Microsoft |
| 1659 | HPE Security Advisory. [Published Date: 2024-06-28]
[Id:2024.06.28.002]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE ProLiant DL325 Gen10 Plus server - versions prior to 2.84 (HFP 23.9)
- HPE ProLiant DL385 Gen10 Plus server - versions prior to 2.84 (HFP 23.9)
- HPE ProLiant XL645d Gen10 Plus Server - versions prior to 2.84 (HFP 23.9)
- HPE ProLiant XL675d Gen10 Plus Server - versions prior to 2.84 (HFP 23.9)
- HPE Cray EX235a Accelerator Blade - versions prior to 1.8.0 (HFP 24.3.1)
- HPE Cray EX235n Server - versions prior to 1.3.1 (HFP 23.9)
- HPE Cray EX425 Compute Blade - versions prior to 1.7.2 (HFP 23.9) Gen 2, and Gen 3 EPYC Processors
- HPE Cray EX4252 Compute Blade - versions prior to 1.4.0 (HFP 23.8)
review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1660 | Juniper Networks Security Advisory. [Published Date: 2024-06-28]
[Id:2024.06.28.003]
details...
Juniper Networks published a security advisory to address a critical vulnerability in the following products: - Juniper Session Smart Conductor - multiple versions
- Juniper Session Smart Router - multiple versions
- Juniper WAN Assurance Router - multiple versions
Review the Juniper Networks Security Advisories and apply the necessary updates. | Juniper |
| 1661 | GitLab Security Advisory. [Published Date: 2024-06-26]
[Id:2024.06.26.001]
details...
GitLab published a security advisory to address vulnerabilities in the following products: - GitLab Community Edition (CE) - versions prior to 1.1, 17.0.3 and 16.11.5
- GitLab Enterprise Edition (EE) - versions prior to 1.1, 17.0.3 and 16.11.5
Review the provided GitHub Security Advisory and perform the suggested mitigations. | Gitlab |
| 1662 | CISA, FBI, ACSC,ASD’s and CCCS Release Guidance for Exploring Memory Safety in Critical Open Source Projects. [Published Date: 2024-06-26]
[Id:2024.06.26.002]
details...
Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI), Australian Signals Directorate's (ASD's), Australian Cyber Security Centre (ACSC), and Canadian Cyber Security Center (CCCS), released Exploring Memory Safety in Critical Open Source Projects. This guidance was crafted to provide organizations with findings on the scale of memory safety risk in selected open source software (OSS).
Review the methodology and results of the joint guidance and use this guidance for memory safety in critical open source projects. | CISA |
| 1663 | Google Chrome Security Advisory. [Published Date: 2024-06-25]
[Id:2024.06.25.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 126.0.6478.126 for Linux and prior to 126.0.6478.126/127 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1664 | Citrix Security Advisory. [Published Date: 2024-06-25]
[Id:2024.06.25.002]
details...
Citrix published a security Advisory to address a vulnerability in Citrix NetScaler Gateway - multiple versions and platforms.
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1665 | Ubuntu Security Advisory. [Published Date: 2024-06-24]
[Id:2024.06.24.001]
details...
| Ubuntu |
| 1666 | Dell Security Advisory. [Published Date: 2024-06-23]
[Id:2024.06.23.001]
details...
Dell published security advisories to address vulnerabilities in the Dell EMC VxRail Appliance - 7.0x versions prior to 7.0.520.
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1667 | IBM Security Advisory. [Published Date: 2024-06-23]
[Id:2024.06.23.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - IBM Business Automation Workflow containers - version 23.0.2 to V23.0.2-IF004
- IBM Business Automation Workflow traditional - version 23.0.2
- IBM Cognos Analytics - version 12.0 to 12.0.2 and version 11.2.0 to 11.2.4 FP2
- IBM Db2 on Cloud Pak for Data - multiple versions
- IBM Db2 Warehouse on Cloud Pak for Data - multiple versions
- IBM i - versions 7.3, 7.4 and 7.5
- IBM Maximo Application Suite (IoT Component) - version 8.8.x and 8.7.x
- IBM Security SOAR - version 51.0.2.0 and prior
- IBM Storage Insights (Data Collector) - version 20240510-0638 and prior
- IBM Storage Protect for Space Management - version 8.1.0.0 to 8.1.21.0
- IBM Storage Scale System - version 6.1.0.0 to 6.1.2.9 and version 6.1.3.0 to 6.1.9.2
- IBM Storage Virtualize - versions 8.4, 8.5 and 8.6
- IBM Watson Assistant for IBM Cloud Pak for Data - version 4.0.0 to 4.8.5
- IBM Watson Explorer Analytical Components - multiple versions
- IBM Watson Explorer DAE Foundational Components - multiple versions
- IBM Watson Explorer Foundational Components - multiple versions
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - version 4.0.0 to 4.8.5
Review the IBM security bulletins and apply the necessary updates. | IBM |
| 1668 | Microsoft Edge Security Advisory. [Published Date: 2024-06-21]
[Id:2024.06.21.001]
details...
| Microsoft |
| 1669 | Google Chrome Security Advisory. [Published Date: 2024-06-19]
[Id:2024.06.19.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 126.0.6478.114 for Linux and prior to 126.0.6478.114/115 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1670 | Juniper Networks Security Advisory. [Published Date: 2024-06-19]
[Id:2024.06.19.002]
details...
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics - versions prior to 7.5.0 UP8 and 7.5.0 UP8 IF02.
Review the Juniper Networks Security Advisories - JSA82681 and apply the necessary updates. | Juniper |
| 1671 | VMware Security Advisory. [Published Date: 2024-06-18]
[Id:2024.06.18.001]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware vCenter Server versions prior to 8.0 U2d
- VMware vCenter Server versions prior to 8.0 U1e
- VMware vCenter Server versions prior to 7.0 U3r
- VMware Cloud Foundation (VMware vCenter Server) versions prior to KB88287
Review VMware security advisory VMSA-2024-0012 and apply the necessary updates. | Vmware |
| 1672 | Atlassian Security Advisory. [Published Date: 2024-06-18]
[Id:2024.06.18.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Confluence Data Center and Server - multiple versions
- Fisheye/Crucible - multiple versions
- Jira Data Center and Server - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1673 | RedHat Security Advisory. [Published Date: 2024-06-16]
[Id:2024.06.16.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Review the following advisories and apply the necessary updates: | Red Hat |
| 1674 | Google Chrome Security Advisory. [Published Date: 2024-06-14]
[Id:2024.06.14.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 1 26.0.6478.61 for Linux and prior to 126.0.6478.61/.62 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1675 | Mozilla Security Advisory. [Published Date: 2024-06-14]
[Id:2024.06.14.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox for iOS - versions prior to 127
- Thunderbird - versions prior to 115.12
Review the following advisories and apply the necessary updates: | Mozilla |
| 1676 | Dell Security Advisory. [Published Date: 2024-06-14]
[Id:2024.06.14.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Dell Data Protection Central - multiple versions
- Dell Secure Connect Gateway - version 5.22.00.18
- PowerProtect DP Series (Integrated Data Protection Appliance (IDPA) Appliance) - version 2.7.6 and prior
Review the following advisories and apply the necessary updates: | Dell |
| 1677 | IBM Security Advisory. [Published Date: 2024-06-14]
[Id:2024.06.14.004]
details...
IBM published a security bulletin to address vulnerabilities affecting IBM Storage Copy Data Management - version 2.2.0.0 to 2.2.23.1.
Review the IBM security bulletins and apply the necessary updates. | IBM |
| 1678 | Microsoft Edge Security Advisory. [Published Date: 2024-06-13]
[Id:2024.06.13.001]
details...
| Microsoft |
| 1679 | Adobe Security Advisory. [Published Date: 2024-06-12]
[Id:2024.06.12.001]
details...
Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Adobe Commerce - multiple versions
- Adobe Commerce Webhooks Plugin - versions 1.2.0 to 1.4.0
- Adobe Experience Manager - multiple versions
- Adobe FrameMaker Publishing Server - versions prior to 2022.3
- Adobe Photoshop 2023 - versions prior to 24.7.4
- Adobe Photoshop 2024 - versions prior to 25.9
- Adobe Substance 3D Stager - versions prior to 3.0.2
- ColdFusion 2021 - versions prior to Update 14
- ColdFusion 2023 - versions prior to Update 8
- Magneto Open Source - multiple versions
Review the Adobe Security Advisories and apply the necessary updates. | Adobe |
| 1680 | Google Chrome Security Advisor. [Published Date: 2024-06-12]
[Id:2024.06.12.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 126.0.6478.54 for Linux and prior to 126.0.6478.56/57 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1681 | Microsoft June 2024 Security Updates. [Published Date: 2024-06-11]
[Id:2024.06.11.001]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Windows 10 - multiple versions and platforms
- Windows 11 - multiple versions and platforms
- Windows Server - multiple versions and platforms
- Azure Data Science Virtual Machines for Linux
- Azure File Sync
- Azure Identity Library
- Azure Monitor Agent
- Azure Storage Movement Client Library for .NET
- Microsoft 365 Apps for Enterprise - multiple platforms
- Microsoft Authentication Library (MSAL)
- Microsoft Dynamics 365 Business Central 2023 Release Wave 1
- Microsoft Office - multiple versions and platforms
- Microsoft Outlook 2016
- Microsoft SharePoint Server - multiple versions and platforms
- Microsoft Visual Studio - multiple versions and platforms
Review the Microsoft Security Updates and apply the necessary updates. | Microsoft |
| 1682 | Mozilla Security Advisory. [Published Date: 2024-06-11]
[Id:2024.06.11.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox - versions prior to 127
- Firefox ESR - versions prior to 115.12
Review the following advisories and apply the necessary updates: | Mozilla |
| 1683 | SAP Security Advisory. [Published Date: 2024-06-11]
[Id:2024.06.11.003]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP Financial Consolidation - version FINANCE 1010
- SAP NetWeaver AS Java - version MMR_SERVER 7.5
Review the SAP Security Patch Day - June 2024 and apply the necessary updates. | SAP |
| 1684 | Fortinet Security Advisory. [Published Date: 2024-06-11]
[Id:2024.06.11.004]
details...
Fortinet has released security updates to address a vulnerability in FortiOS.
Review the Fortinet Advisory and apply the necessary updates. | Fortinet |
| 1685 | Veeam Security Advisory. [Published Date: 2024-06-11]
[Id:2024.06.11.005]
details...
Veem has released security updates to address a vulnerability in Veeam Recovery Orchestrator - versions prior to 7.1.0.230 and versions prior to 7.0.0.379.
Review the Veeam Security Advisory and apply the necessary updates. | Veeam |
| 1686 | Dell Security Advisory. [Published Date: 2024-06-10]
[Id:2024.06.10.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Dell EMC VxRail Appliance - 8.0.x versions prior to 8.0.212
- Dell PowerScale OneFS - multiple versions
Review the following Dell Security Advisory and apply the necessary updates. | Dell |
| 1687 | IBM Security Advisory. [Published Date: 2024-06-10]
[Id:2024.06.10.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM App Connect Enterprise Certified Container - versions 5.0-lts, 10.1, 11.0, 11.1, 11.2 and 11.3
- IBM ICP - Discovery - version 4.0.0 to 4.8.4
- IBM Jazz Foundation - version 7.0.2
Review the following IBM Security Advisory and apply the necessary updates. | IBM |
| 1688 | Ubuntu Security Advisory. [Published Date: 2024-06-09]
[Id:2024.06.09.001]
details...
| Ubuntu |
| 1689 | RedHat Security Advisory. [Published Date: 2024-06-09]
[Id:2024.06.09.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the following RedHat Security Advisory and apply the necessary updates. | Red Hat |
| 1690 | PHP Security Advisory. [Published Date: 2024-06-07]
[Id:2024.06.07.001]
details...
| PHP |
| 1691 | HPE Security Advisory. [Published Date: 2024-06-06]
[Id:2024.06.06.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE StoreEasy 1670 Performance Storage - versions prior to v2.20_05-27-2024
- HPE StoreEasy 1670 Storage - versions prior to v2.20_05-27-2024
- HPE StoreEasy 1870 Performance Storage - versions prior to v2.20_05-27-2024
- HPE StoreEasy 1870 Storage - versions prior to v2.20_05-27-2024
review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1692 | SolarWinds Security Advisory. [Published Date: 2024-06-06]
[Id:2024.06.06.002]
details...
SolarWinds published security advisories to address vulnerabilities multiple products. Included were updates for the following: - SolarWinds Platform - version 2024.1 SR 1 and prior
- SolarWinds Serv-U - version 15.4.2 HF 1 and prior
Review the following SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1693 | Cisco Security Advisory. [Published Date: 2024-06-05]
[Id:2024.06.05.001]
details...
Cisco published a security advisory addressing vulnerabilities in the Cisco Webex Meeting.
Review the Cisco Security Advisory and apply the necessary updates. | Cisco |
| 1694 | HPE Security Advisory. [Published Date: 2024-06-04]
[Id:2024.06.04.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Alletra 4110 - versions prior to v2.20_05-27-2024
- HPE Alletra 4120 - versions prior to v2.20_05-27-2024
- HPE ProLiant DL110 Gen11 - versions prior to v2.20_05-27-2024
- HPE ProLiant DL320 Gen11 Server - versions prior to v2.20_05-27-2024
- HPE ProLiant DL360 Gen11 Server - versions prior to v2.20_05-27-2024
- HPE ProLiant DL380 Gen11 Server - versions prior to v2.20_05-27-2024
- HPE ProLiant DL380a Gen11 - versions prior to v2.20_05-27-2024
- HPE ProLiant DL560 Gen11 - versions prior to v2.20_05-27-2024
- HPE ProLiant ML110 Gen11 - versions prior to v2.20_05-27-2024
- HPE ProLiant ML350 Gen11 Server - versions prior to v2.20_05-27-2024
- HPE Compute Edge Server e930t - versions prior to v2.20_05-27-2024
- HPE Synergy 480 Gen11 Compute Module - versions prior to v2.20_05-27-2024
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1695 | Dell Security Advisory. [Published Date: 2024-06-03]
[Id:2024.06.03.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Live Optics Linux Collector - versions prior to 25.1.10.29
- Live Optics Windows Collector and Live Optics PE Collector - versions prior to 25.2.1.153
- PowerStore 1000T - versions prior to 4.0.0.0 to 2284811
- PowerStore 1200T - versions prior to 4.0.0.0 to 2284811
- PowerStore 3000T - versions prior to 4.0.0.0 to 2284811
- PowerStore 3200T - versions prior to 4.0.0.0 to 2284811
- PowerStore 5000T - versions prior to 4.0.0.0 to 2284811
- PowerStore 500T - versions prior to 4.0.0.0 to 2284811
- PowerStore 5200T - versions prior to 4.0.0.0 to 2284811
- PowerStore 7000T - versions prior to 4.0.0.0 to 2284811
- PowerStore 9000T - versions prior to 4.0.0.0 to 2284811
- PowerStore 9200T - versions prior to 4.0.0.0 to 2284811
Review the provided Dell Security Advisory and notices and apply the necessary updates. | Dell |
| 1696 | IBM Security Advisory. [Published Date: 2024-06-03]
[Id:2024.06.03.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - versions 3.5 to refresh 10, 4.0 to refresh 9, 4.5 to refresh 3, 4.6 to refresh 6, 4.7 to refresh 4 and 4.7 to refresh 4
- IBM Planning Analytics Local - IBM Planning Analytics Workspace - versions 2.1 and 2.0
Review the following advisories and apply the necessary updates: | IBM |
| 1697 | Ubuntu Security Advisory. [Published Date: 2024-06-03]
[Id:2024.06.03.003]
details...
| Ubuntu |
| 1698 | Red Hat Security Advisory. [Published Date: 2024-06-03]
[Id:2024.06.03.004]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Virtualization Host 4 for RHEL 8 x86_64
Review the Red Hat Security Advisories and apply the necessary updates. | Red Hat |
| 1699 | Android Security Advisory - June 2024 Monthly Rollup. [Published Date: 2024-06-03]
[Id:2024.06.03.005]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1700 | Microsoft Edge Security Advisory. [Published Date: 2024-06-03]
[Id:2024.06.03.006]
details...
| Microsoft |
| 1701 | Google Chrome Security Advisory. [Published Date: 2024-05-31]
[Id:2024.05.31.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 125.0.6422.141 for Linux and prior to 125.0.6422.141/.142 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1702 | Ivanti Security Advisory. [Published Date: 2024-05-29]
[Id:2024.05.29.001]
details...
| Ivanti |
| 1703 | Fortinet Security Advisory. [Published Date: 2024-05-29]
[Id:2024.05.29.002]
details...
Fortinet published a security advisory to address multiple vulnerabilities in Fortinet FortiSIEM - version versions 7.1.0 - 7.1.1, 7.0.0 - 7.0.2 , 6.7.0 - 6.7.8 , 6.6.0 - 6.6.3 , 6.5.0 - 6.5.2 , 6.4.0 - 6.4.2.
Review the Fortinet FortiSIEM Advisory and apply the necessary updates. | Fortinet |
| 1704 | Microsoft Edge Security Advisory. [Published Date: 2024-05-28]
[Id:2024.05.28.001]
details...
| Microsoft |
| 1705 | HPE Security Advisory. [Published Date: 2024-05-28]
[Id:2024.05.28.002]
details...
HPE published a security advisory to address vulnerabilities in the following product: - HP-UX Tomcat-based Servlet v.9.x Engine - version D.9.0.43.01 and prior.
Review the HPE Security Bulletin and apply the necessary updates. | HPE |
| 1706 | Citrix Security Advisory. [Published Date: 2024-05-28]
[Id:2024.05.28.003]
details...
Citrix published a security advisory to address a vulnerability in the following product: - Citrix Workspace app for Mac - version prior to 2402.10
Review the Citrix Security Advisory and apply the necessary updates. | Citrix |
| 1707 | Foxit Security Advisory. [Published Date: 2024-05-27]
[Id:2024.05.27.003]
details...
Foxit published security advisories to address vulnerabilities in the following products: - Foxit PDF Editor for Windows - multiple versions
- Foxit PDF Reader for Windows - versions prior to 2024.2.1.25153
- Foxit PDF Editor for Mac - multiple versions
- Foxit PDF Reader for Mac - versions prior to 2024.2.1.64379
Review the Foxit Security Bulletins and apply the necessary updates. | Foxit |
| 1708 | Dell Security Advisory. [Published Date: 2024-05-27]
[Id:2024.05.27.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Dell NetWorker Runtime Environment (NRE) - version 8.0.18
- Live Optics Windows and Live Optics PE Collector - versions 25.1.12.151 and prior
- Dell EMC VxRail Appliance - 7.0.x versions prior to 7.0.484
Review the following advisories and apply the necessary updates: | Dell |
| 1709 | IBM Security Advisory. [Published Date: 2024-05-27]
[Id:2024.05.27.002]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - CP4NA - version 2.7.2
- Db2 Rest - versions 1.0.0.121-amd64 to 1.0.0.301-amd64
- IBM Security Guardium - versions 11.4, 11.5 and 12.0
- IBM Storage Fusion - versions 2.3.0 to 2.7.1 and 2.5.0 to 2.7.2
- IBM Storage Fusion HCI - versions 2.5.2 to 2.7.2
- IBM Storage Protect Plus Container Agent (Kubernetes) - versions 10.1.5 to 10.1.12
- IBM Storage Protect Plus Container Agent (Red Hat OpenShift) - versions 10.1.7 to 10.1.12
- ICP - Discovery - versions 4.0.0 to 4.8.4
Review the IBM Security Bulletins and apply the necessary updates. | IBM |
| 1710 | Red Hat Security Advisory. [Published Date: 2024-05-26]
[Id:2024.05.26.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisories and apply the necessary updates. | Red Hat |
| 1711 | Ubuntu Security Advisory. [Published Date: 2024-05-26]
[Id:2024.05.26.001]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu Security Notices and apply the necessary updates. | Ubuntu |
| 1712 | Cisco Security Advisory. [Published Date: 2024-05-23]
[Id:2024.05.23.001]
details...
| Cisco |
| 1713 | HPE Security Advisory. [Published Date: 2024-05-23]
[Id:2024.05.23.002]
details...
HPE published security advisories to address vulnerabilities in HPE SANnav Management Software - versions prior to 2.3.0a and 2.3.1a.
Review the HPE Security Bulletin - hpesbst04648 and apply the necessary updates. | HPE |
| 1714 | Mitel Security Advisory. [Published Date: 2024-05-23]
[Id:2024.05.23.003]
details...
Mitel published security advisories to address vulnerabilities in the following products: - Mitel MiCollab - version 9.7.1.110 and prior, version 9.8.0.33 and prior
- Mitel MiVoice Business Solution Virtual Instance (MiVB SVI) - version 1.0.0.25
Review the following advisories and apply the necessary updates: | Mitel |
| 1715 | GitLab Security Advisory. [Published Date: 2024-05-23]
[Id:2024.05.23.004]
details...
GitLab published a security advisory to address vulnerabilities in the following products: - GitLab Community Edition (CE) - versions prior to 0.1, 16.11.3 and 16.10.6
- GitLab Enterprise Edition (EE) - versions prior to 17.0.1, 16.11.3 and 16.10.6
Review the following advisories and apply the necessary updates: | Gitlab |
| 1716 | Google Chrome Security Advisory. [Published Date: 2024-05-23]
[Id:2024.05.23.005]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 125.0.6422.112 for Linux and prior to 125.0.6422.112/.113 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1717 | Ivanti Security Advisory. [Published Date: 2024-05-22]
[Id:2024.05.22.001]
details...
Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Ivanti Connect Secure (ICS) - versions 9.x and 22.x
- Ivanti Endpoint Manager (EPM) - version 2022 SU5 and prior
- Ivanti Neurons for ITSM/ITAM - versions 2023.4, 2023.3, 2023.2 and 2023.1
- Ivanti Policy Secure gateways - versions prior to 22.7R1
- Ivanti Secure Access - versions prior to 22.7R1
Review the following advisories and apply the necessary updates: | ivanti |
| 1718 | Cisco Security Advisory. [Published Date: 2024-05-22]
[Id:2024.05.22.002]
details...
| CISCO |
| 1719 | VMware Security Advisory. [Published Date: 2024-05-22]
[Id:2024.05.22.003]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Cloud Foundation (ESXi) - multiple versions
- VMware Cloud Foundation (vCenter Server) - multiple versions
- VMware ESXi - versions 8.0 prior to ESXi80U2sb-23305545 and versions 7.0 prior to ESXi70U3sq-23794019
- VMware Fusion - versions prior to 13.5.1
- VMware vCenter Server - versions 8.0 prior to 8.0 U2b and versions 7.0 prior to 7.0 U3q
- VMware Workstation - versions prior to 17.5.1
Review the following advisories and apply the necessary updates: | Vmware |
| 1720 | IBM Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM i Modernization Engine for Lifecycle Integration - version 1.0 to 1.4.6
- IBM Operational Decision Manager - versions 8.10.4, 8.10.5.2, 8.11.0.1, 8.11.1 and 8.12.0.1
- IBM Process Mining - version 1.14.4
- IBM QRadar SIEM - version 7.5 to 7.5.0 UP8
Review the provided IBM Security Advisory and apply the necessary updates. | IBM |
| 1721 | Red Hat Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder " multiple versions and platforms
- Red Hat Enterprise Linux " multiple versions and platforms
- Red Hat Enterprise Linux Server " multiple versions and platforms
Review the RHSA-2024:2845, RHSA-2024:2846 security advisory and apply the necessary updates. | Red Hat |
| 1722 | GitHub Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.003]
details...
GitHub published a security advisory to address a critical vulnerability in the following products: - GitHub Enterprise Server - versions 3.12.x prior to 3.12.4
- GitHub Enterprise Server - versions 3.11.x prior to 3.11.10
- GitHub Enterprise Server - versions 3.10.x prior to 3.10.12
- GitHub Enterprise Server - versions 3.9.x prior to 3.9.15
Review the following advisories and apply the necessary updates: | Github |
| 1723 | Google Chrome Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 125.0.6422.76 for Linux and prior to 125.0.6422.76/.77 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1724 | Atlassian Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.005]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center - multiple versions
- Bamboo Server - multiple versions
- Bitbucket Data Center - multiple versions
- Bitbucket Server - multiple versions
- Confluence Data Center - multiple versions
- Confluence Server - multiple versions
- Crowd Data Center - multiple versions
- Crowd Server - multiple versions
- Jira Service Management Data Center - multiple versions
- Jira Service Management Server - multiple versions
- Jira Software Data Center - multiple versions
- Jira Software Server - multiple versions
Review the following advisories and apply the necessary updates: | Atlassian |
| 1725 | Ubuntu Security Advisory. [Published Date: 2024-05-21]
[Id:2024.05.21.006]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
Review the Ubuntu security notices and apply the necessary updates. | Ubuntu |
| 1726 | Dell Security Advisory. [Published Date: 2024-05-19]
[Id:2024.05.19.001]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.13.39
- APEX Cloud Platform Foundation Software - 03.xx versions prior to 03.00.04.01
- Dell Apex Cloud Platform for Microsoft Azure - versions prior to 01.01.01.01
- Dell Protection Advisor - versions 19.5 to 19.9
- Disk Library for mainframe - versions prior to 5.5.0.5
- Microsoft Azure Stack HCI - versions prior to 10.2402
- PowerEdge T30 - versions prior to 1.14.0
- PowerEdge T40 - versions prior to 1.15.0
- PowerProtect DP Series Appliance (IDPA) - version 2.7.6 and prior
Review the provided Dell Security Advisory and notices and apply the necessary updates. | Dell |
| 1727 | HPE Security Advisory. [Published Date: 2024-05-17]
[Id:2024.05.17.001]
details...
HPE published a security advisory to address a vulnerability in the following products: - HPE B-series SN2600B SAN Extension Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN3600B Fibre Channel Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN4700B SAN Extension Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN6600B Fibre Channel Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN6650B Fibre Channel Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN6700B Fibre Channel Switch - version 9.x prior to v9.1.1d1
- HPE B-series SN6750B Fibre Channel Switch - version 9.x prior to v9.1.1d1
- HPE SN8600B 4-slot SAN Director Switch - version 9.x prior to v9.1.1d1
- HPE SN8700B 4-slot SAN Director Switch - version 9.x prior to v9.1.1d1
- HPE SN8600B 8-slot SAN Director Switch - version 9.x prior to v9.1.1d1
- HPE SN8700B 8-slot SAN Director Switch - version 9.x prior to v9.1.1d1
- Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy - version 9.x prior to v9.1.1d1
Review the HPE security bulletins, HPE Security Bulletin Library and apply the necessary updates. | HPE |
| 1728 | Microsoft Edge Security Advisory. [Published Date: 2024-05-16]
[Id:2024.05.16.001]
details...
| Microsoft |
| 1729 | Microsoft Edge Security Advisory. [Published Date: 2024-05-15]
[Id:2024.05.15.001]
details...
| Microsoft |
| 1730 | F5 Security Advisory. [Published Date: 2024-05-15]
[Id:2024.05.15.002]
details...
| F5 |
| 1731 | Cisco Security Advisory. [Published Date: 2024-05-15]
[Id:2024.05.15.003]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Cisco Crosswork Network Services Orchestrator (NSO) CLI - multiple versions
- ConfD CLI - multiple versions
Review the following advisories and apply the necessary updates: | Cisco |
| 1732 | Google Chrome Security Advisory. [Published Date: 2024-05-15]
[Id:2024.05.15.004]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 125.0.6422.60 for Linux and prior to 125.0.6422.60/.61 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1733 | Apple Security Advisory for Safari. [Published Date: 2024-05-14]
[Id:2024.05.14.001]
details...
Apple published a security update to address a vulnerability in Apple Safari - versions prior to 17.5.
Review Apple security releases and apply necessary updates. | Apple |
| 1734 | Mozilla Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.002]
details...
Mozilla published security advisories to address vulnerabilities in the following products: - Firefox - versions prior to 126
- Firefox ESR - versions prior to 115.11
Review the following advisories and apply the necessary updates: | Mozilla |
| 1735 | SAP Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.003]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP CX Commerce - version HY_COM 2205
- SAP NetWeaver Application Server ABAP and ABAP Platform - multiple versions
Review the SAP Security Patch and apply the necessary updates. | SAP |
| 1736 | Microsoft May 2024 Security Updates [Published Date: 2024-05-14]
[Id:2024.05.14.004]
details...
Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - Dynamics 365 Customer Insights
- Microsoft 365 Apps for Enterprise
- Microsoft Excel 2016
- Microsoft .NET 7.0 and 8.0
- Microsoft Office - multiple versions and platforms
- Microsoft SharePoint - multiple versions and platforms
- Microsoft SharePoint Server - multiple versions and platforms
- Microsoft Visual Studio - multiple versions and platforms
- Office Online Server
- Windows 10 - multiple platforms and versions
- Windows 11 - multiple platforms and versions
- Windows Server - multiple platforms
Review the Microsoft Release Notes and apply the necessary updates. | Microsoft |
| 1737 | Fortinet Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.005]
details...
Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products: - FortiPortal 7.2 - versions 7.2.0 to 7.2.1
- FortiPortal 7.0 - versions 7.0.0 to 7.0.6
- FortiSOAR 7.4 - all versions
- FortiSOAR 7.3 - all versions
- FortiSOAR 7.2 - all versions
- FortiSOAR 7.0 - all versions
- FortiSOAR 6.4 - all versions
- FortiWebManager 7.2 - version 7.2.0
- FortiWebManager 7.0 - versions 7.0.0 to 7.0.4
- FortiWebManager 6.3 - version 6.3.0
- FortiWebManager 6.2 - versions 6.2.3 to 6.2.4
- FortiWebManager 6.0 - version 6.0.2
- FortiSandbox 4.4 - versions 4.4.0 to 4.4.4
- FortiSandbox 4.2 - versions 4.2.0 to 4.2.6
Review the Fortinet PSIRT Advisories and apply necessary updates. | Fortinet |
| 1738 | Adobe Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.006]
details...
Adobe published security advisories to address vulnerabilities in the following products: - Acrobat DC - version 24.002.20736 and prior
- Acrobat Reader DC - version 24.002.20736 and prior
- Acrobat 2020 - version 20.005.30574 and prior
- Acrobat Reader 2020 - version 20.005.30574 and prior
- Adobe Animate 2023 - version 23.0.5 and prior
- Adobe Animate 2024 - version 24.0.2 and prior
- Adobe Dreamweaver - version 21.3 and prior
- Adobe FrameMaker - versions 2020 Release Update 5 and 2022 Release Update 3 and prior
- Adobe Substance 3D Designer - version 13.1.1 and prior
- Adobe Substance 3D Painter - version 9.1.2 and prior
- Aero - version 0.23.4 and prior
- Illustrator 2023 - version 27.9.3 and prior
- Illustrator 2024 - version 28.4 and prior
Review the provided Adobe Security Advisories and perform the suggested mitigations. | Adobe |
| 1739 | Intel Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.007]
details...
Intel published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Intel Agilex 7 FPGAs and SoC FPGAs Firmware - versions after 21.4
- Intel Stratix 10 FPGAs and SoC FPGAs Firmware - versions after 21.2
- Intel Arc & Iris Xe Graphics software - versions prior to 31.0.101.5081
- Intel DTT software - multiple versions and platforms
- Intel Ethernet Controller I225 Manageability firmware - versions prior to 1.87
- Intel Ethernet Adapters - versions prior to 29.0.1
- Intel GPA software - versions prior to 2023.3
- Intel GPA Framework software - versions prior to 2023.3
- Intel Neural Compressor software - versions prior to 2.5.0
- Intel Power Gadget software for macOS X - versions prior to 3.7.0
- Intel Power Gadget software for Windows - versions prior to 3.6.0
- Intel PROSet/Wireless Wi-Fi software - versions prior to 23.20
- Intel Server D50DNP Family
- Intel Server M50FCP Family
- Intel Server Board S2600BP Family
- Intel TDX module software - versions prior to TDX_1.5.05.46.698
Review the provided Intel Security Advisories and perform the suggested mitigations. | Intel |
| 1740 | HPE Security Advisory. [Published Date: 2024-05-14]
[Id:2024.05.14.008]
details...
HPE published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products: - ArubaOS 10.5.x.x - version 10.5.1.0 and prior
- ArubaOS 10.4.x.x - version 10.4.1.0 and prior
- ArubaOS 10.3.x.x - all versions
- InstantOS 8.11.x.x - version 8.11.2.1 and prior
- InstantOS 8.10.x.x - version 8.10.0.10 and prior
- InstantOS 8.9.x.x - all versions
- InstantOS 8.8.x.x - all versions
- InstantOS 8.7.x.x - all versions
- InstantOS 8.6.x.x - version 8.6.0.23 and prior
- InstantOS 8.5.x.x - all versions
- InstantOS 8.4.x.x - all versions
- InstantOS 6.5.x.x - all versions
- InstantOS 6.4.x.x - all versions
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1741 | Microsoft Edge Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.001]
details...
| Microsoft |
| 1742 | Dell Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.002]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - Dell Avamar NDMP Accelerator - versions 19.4, 19.7, 19.8, 19.9 and 19.10 running SUSE Linux Enterprise 12 SP5
- Dell Avamar Server Hardware Appliance Gen4T/ Gen5A - versions 19.4, 19.7, 19.8, 19.9 and 19.10 running SUSE Linux Enterprise 12 SP5
- Dell Avamar Virtual Edition - versions 19.4, 19.7, 19.8, 19.9 and 19.10 running SUSE Linux Enterprise 12 SP5
- Dell Avamar VMware Image Proxy - versions 19.4, 19.7, 19.8, 19.9 and 19.10 running SUSE Linux Enterprise 12 SP5
- Dell Networker Virtual Edition (NVE) - versions 19.4.x, 19.5.x, 19.6.x, 19.7.x, 19.8.x, 19.9.x and 19.10.x running SUSE Linux Enterprise 12 SP5
- Dell Power Protect DP Series Appliance / Dell Integrated Data Protection Appliance (IDPA) - version 2.7.x running SLES12SP5
- Dell PowerProtect Data Manager DM5500 Appliance - versions 5.15 and prio
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1743 | Ubuntu Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.003]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the following advisories and apply the necessary updates: | Ubuntu |
| 1744 | IBM Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Cloudera Data Platform Private Cloud Base with IBM (CDP) - version 7.1.9
- IBM Maximo Application Suite " Monitor Component - versions 8.10 and 8.11
- IBM QRadar SIEM - versions 7.5 to 7.5.0 UP8 IF01
- QRadar User Beahviour Analytics - versions 1.0.0 to 4.1.15
- IBM Sterling Connect: Direct Web Services - versions 6.0, 6.1.0, 6.2.0 and 6.3.0
- IBM Sterling Connect: Direct Web Services (Certified Container) - all versions
- IBM Storage Scale - versions 5.1.0.0 to 5.1.9.2
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.4
- IBM Watson Assistant for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.4
Review the provided IBM Security Advisory and apply the necessary updates. | IBM |
| 1745 | Red Hat Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.005]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux for x86_64 - version Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for Power, little endian - version Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - version TUS 8.8 x86_64
- Red Hat Enterprise Linux Server for Power LE - version Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux for x86_64 - version Update Services for SAP Solutions 8.8 x86_64
Review the Red Hat security advisories, RHSA-2024:2697 - Security Advisory, and apply the necessary updates. | Red Hat |
| 1746 | Apple Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.006]
details...
Apple published security updates to address vulnerabilities in the following products: - iOS and iPadOS - versions prior to 16.7.8
- iOS and iPadOS - versions prior to 17.5
- macOS Monterey - versions prior to 12.7.5
- macOS Sonoma - versions prior to 14.5
- macOS Ventura - versions prior to 13.6.7
- tvOS - versions prior to 17.5
- watchOS - versions prior to 10.5
Review Apple security releases and apply necessary updates. | Apple |
| 1747 | Google Chrome Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.007]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 124.0.6367.207 for Linux and prior to 124.0.6367.207/.208 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1748 | VMware Security Advisory. [Published Date: 2024-05-13]
[Id:2024.05.13.008]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Fusion - versions 13.x prior to 13.5.2
- VMware Workstation - versions 17.x prior to 17.5.2
Review the following advisories and apply the necessary updates: | Vmware |
| 1749 | CISA, FBI, HHS and MS-ISAC Release Advisory on Black Basta Ransomware. [Published Date: 2024-05-10]
[Id:2024.05.10.001]
details...
Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.
Black Basta is a ransomware-as-a-service (RaaS) variant first identified in April 2022. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities in North America, Europe, and Australia, including healthcare organizations.
Review the updated joint advisory to protect and detect malicious activity. | Cisa |
| 1750 | F5 Releases Security Advisory. [Published Date: 2024-05-10]
[Id:2024.05.10.002]
details...
F5 published security updates for multiple products. Included were updates for the following: - BIG-IP (all modules) - multiple versions and models
- BIG-IP Next Central Manager - multiple versions and models
- BIG-IP (AFM) - multiple versions and models
- BIG-IP Next CN - multiple versions and models
Review the F5 security advisory and apply the necessary updates or workarounds. | F5 |
| 1751 | Google Chrome Security Advisory. [Published Date: 2024-05-09]
[Id:2024.05.09.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 124.0.6367.20 for Linux and prior to 124.0.6367.201/.202 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1752 | Juniper Security Advisory. [Published Date: 2024-05-09]
[Id:2024.05.09.002]
details...
Juniper published security advisories to address vulnerabilities in the following products: - Junos OS - version 19.4R1 and later
- Junos OS Evolved - version 22.3R1 and later
Review Juniper's Support Portal and apply the necessary updates. | Juniper |
| 1753 | Apple Security Advisory for Apple iTunes. [Published Date: 2024-05-08]
[Id:2024.05.08.001]
details...
Apple published a security update to address a vulnerability in Apple iTunes.
Review Apple security releases and apply necessary updates. | Apple |
| 1754 | Citrix Security Advisory. [Published Date: 2024-05-08]
[Id:2024.05.08.002]
details...
Citrix published a security Advisory to address a vulnerability in XenCenter for Citrix Hypervisor.
Review Citrix security advisory and apply necessary updates. | Citrix |
| 1755 | Google Chrome Security Advisory. [Published Date: 2024-05-07]
[Id:2024.05.07.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions (Stable Channel) 124.0.6367.155 for Linux and prior to 124.0.6367.155/.156 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1756 | Android security advisory - May 2024 Monthly Rollup. [Published Date: 2024-05-06]
[Id:2024.05.06.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1757 | Ubuntu Security Advisory. [Published Date: 2024-05-06]
[Id:2024.05.06.002]
details...
Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the Ubuntu security notices and apply the necessary updates. | Ubuntu |
| 1758 | IBM Security Advisory. [Published Date: 2024-05-06]
[Id:2024.05.06.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Business Automation Manager Open Editions - versions 8.0.4 and 8.0.4-IF001
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Controller - versions 10.4.1, 10.4.2 and 11.0.0
- IBM Planning Analytics - versions 2.0 and 2.1
- IBM QRadar SIEM (On Azure Marketplace) - version 7.3.3 to 7.5.0
- IBM Spectrum Discover - versions 2.1.0, 2.1.1, 2.1.2, 2.1.3 and 2.1.4
- IBM Storage Copy Data Management - version 2.2.0.0 to 2.2.23.0
- IBM Storage Scale - version 5.1.0.0 to 5.1.9.2
- IBM Storage Scale System - versions 6.1.0.0 to 6.1.2.8 and 6.1.3.0 to 6.1.9.1
- Watson Discovery - version 4.0.0 to 4.8.4
Review the provided IBM Security Advisory and apply the necessary updates. | IBM |
| 1759 | Dell Security Advisory. [Published Date: 2024-05-06]
[Id:2024.05.06.004]
details...
Dell published security advisories to address vulnerabilities in the Dell PowerProtect DD2200 appliance (versions prior to 6.2.1.110).
Review the provided Dell Security Advisory and apply the necessary updates. | Dell |
| 1760 | Red Hat Security Advisory. [Published Date: 2024-05-05]
[Id:2024.05.05.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Virtualization Host 4 for RHEL 8 x86_64 - multiple versions
- Red Hat CodeReady Linux Builder - multiple versions and platforms
Review the Red Hat security advisories and apply the necessary updates. | Red Hat |
| 1761 | GitLab Security Advisory. [Published Date: 2024-05-03]
[Id:2024.05.03.001]
details...
GitHub published a security advisory to address a vulnerability Community and GitLab Enterprise Edition.
Review the provided GitHub Security Advisory and perform the suggested mitigations. | Gitlab |
| 1762 | Microsoft Edge Security Advisory. [Published Date: 2024-05-02]
[Id:2024.05.02.001]
details...
| Microsoft |
| 1763 | Cisco Security Advisory. [Published Date: 2024-05-01]
[Id:2024.05.01.001]
details...
Cisco published a security advisory to address vulnerabilities in the following products: - Cisco IP Phone 6800 Series with Multiplatform Firmware - version 12.0.4 and prior
- Cisco IP Phone 7800 Series with Multiplatform Firmware - version 12.0.4 and prior
- Cisco IP Phone 8800 Series with Multiplatform Firmware - version 12.0.4 and prior
- Cisco Video Phone 8875 in Multiplatform Mode - version 2.3.1.001 and prior
Review the Cisco security advisory apply the necessary updates. | CISCO |
| 1764 | SonicWall Security Advisory. [Published Date: 2024-04-30]
[Id:2024.04.30.001]
details...
SonicWall published a security advisory to address vulnerabilities SonicWall Virtual Appliance, Windows GMS (Global Management System) - version 9.3.4 and prior.
Review the Security Advisory and apply the necessary updates. | Sonicwall |
| 1765 | Google Chrome Security Advisory. [Published Date: 2024-04-30]
[Id:2024.04.30.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 124.0.6367.118 for Linux and prior to 24.0.6367.118/.119 for Windows, Apple MAC.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1766 | HPE Security Advisory for Aruba Networking ArubaOS. [Published Date: 2024-04-30]
[Id:2024.04.30.003]
details...
HPE published a security advisory to address vulnerabilities in HPE Aruba Networking ArubaOS.
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1767 | Ubuntu Security Advisory. [Published Date: 2024-04-29]
[Id:2024.04.29.001]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting Ubuntu 22.04 LTS.
Review the folowing provided web links and apply the necessary updates. | Ubuntu |
| 1768 | Dell Security Advisory. [Published Date: 2024-04-29]
[Id:2024.04.29.002]
details...
Dell has published a security advisory to address vulnerabilities in the Dell Object Scale versions before 1.4.0.
Review the Dell Security Advisory and apply the necessary updates. | Dell |
| 1769 | IBM Security Advisory. [Published Date: 2024-04-29]
[Id:2024.04.29.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Administration Runtime Expert for i - version 7.2, 7.3, 7.4 and 7.5
- IBM Cloud Pak for Network Automation - version 2.7.1
- IBM Cloud Pak for AIOps - version 4.1.0 to 4.5.0
- IBM Security Verify Governance, Identity Manager Container - version 10.0.2
- IBM Security Verify Governance, Identity Manager software component - version 10.0.2
- IBM Security Verify Governance, Identity Manager virtual appliance component - version 10.0.2
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - version 4.0.0 to 4.8.4
Review the provided IBM Security Advisory and apply the necessary updates. | IBM |
| 1770 | Microsoft Edge Security Advisory. [Published Date: 2024-04-29]
[Id:2024.04.29.004]
details...
| Microsoft |
| 1771 | US CERT/CC Reports R Programming Language Vulnerability [Published Date: 2024-04-29]
[Id:2024.04.29.005]
details...
US CERT Coordination Center (CERT/CC) has released information on a vulnerability in R programming language implementations (CVE-2024-27322).
Users and administrators are encouraged to review the following advisories and apply the necessary updates: | CVE |
| 1772 | Drupal Security Advisory. [Published Date: 2024-04-25]
[Id:2024.04.25.001]
details...
Drupal published security advisories to address vulnerabilities in Advanced Progressive Web Applications (PWA) - versions prior to 8.x-1.5.
Review the provided Drupal Security Advisory and apply the necessary updates. | Drupal |
| 1773 | HPE Security Advisory. [Published Date: 2024-04-25]
[Id:2024.04.25.002]
details...
HPE published a security advisory to address vulnerabilities in HPE SAN Switches with Brocade Fabric OS (FOS).
Review the HPE security bulletins and apply the necessary updates. | HPE |
| 1774 | Google Chrome Security Advisory. [Published Date: 2024-04-24]
[Id:2024.04.24.001]
details...
Google published a security advisory to address vulnerabilities in the following products: - Stable Channel Chrome for Desktop - versions prior to 124.0.6367.78/.79 (Windows and Mac) and 124.0.6367.78 (Linux)
- Extended Stable Channel Chrome for Desktop - versions prior to 124.0.6367.78/.79 (Windows and Mac)
Review the Google security bulletins and apply the necessary updates. | Google |
| 1775 | Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms. [Published Date: 2024-04-24]
[Id:2024.04.24.002]
details...
Cisco released security updates to address ArcaneDoor - exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353 , CVE-2024-20359 , CVE-2024-20358) to take control of an affected system.
Cisco has reported active exploitation of CVE 2024-20353 and CVE-2024-20359.
Review the following advisories and apply the necessary updates: | Cisco |
| 1776 | IBM Security Advisory. [Published Date: 2024-04-23]
[Id:2024.04.23.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Edge Application Manager - versions 4.4 and 4.5
- IBM Db2 and Db2 Warehouse on Cloud Pak for Data - versions prior to v4.8.4
Review the following advisories and apply the necessary updates: | IBM |
| 1777 | Ubuntu Security Advisory. [Published Date: 2024-04-23]
[Id:2024.04.23.002]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
Review the Ubuntu security notices and apply the necessary updates. | Ubuntu |
| 1778 | Dell Security Advisory [Published Date: 2024-04-23]
[Id:2024.04.23.003]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell custom VMware ESXi - multiple versions
- Dell EMC VxRail Appliance - 8.0.x versions prior to 8.0.211
- Dell SmartFabric OS10 - version 10.5.5.8
Review the following advisories and apply the necessary updates: | Dell |
| 1779 | Red Hat Security Advisory. [Published Date: 2024-04-22]
[Id:2024.04.22.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time - multiple versions and platforms
- Red Hat Virtualization Host 4 for RHEL 8 x86_64 - multiple versions
Review the Red Hat security advisories and apply the necessary updates. | Red Hat |
| 1780 | Microsoft Edge Security Advisory. [Published Date: 2024-04-19]
[Id:2024.04.19.001]
details...
| Microsoft |
| 1781 | CISA, FBI, EC3 and NCSC-NL Release Advisory on Akira Ransomware. [Published Date: 2024-04-18]
[Id:2024.04.18.001]
details...
Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), Akira Ransomware, to disseminate known Akira ransomware tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as February 2024.
Evolving from an initial focus on Windows systems to a Linux variant targeting VMware ESXi virtual machines, Akira threat actors began deploying Megazord (a Rust-based code) and Akira (written in C++), including Akira_v2 (also Rust-based) in August 2023. Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia and claimed approximately $42 million (USD) in ransomware proceeds.
Review the updated joint advisory to protect and detect against malicious activity. | CISA |
| 1782 | Cisco Releases Security Advisories for Cisco Integrated Management Controller. [Published Date: 2024-04-17]
[Id:2024.04.17.001]
details...
Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: | Cisco |
| 1783 | Dell Security Advisory [Published Date: 2024-04-16]
[Id:2024.04.16.001]
details...
Between April 8 and 14, 2024, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Dell NetWorker -- multiple versions
- Dell Storage Monitoring and Reporting -- multiple versions
- Dell Storage Resource Manager -- multiple versions
Review Dell Security advisories and notices and apply the necessary updates. | Dell |
| 1784 | Atlassian Security Advisory. [Published Date: 2024-04-16]
[Id:2024.04.16.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Center - multiple versions
- Bamboo Server - multiple versions
- Bitbucket Data Center - multiple versions
- Bitbucket Server - multiple versions
- Confluence Data Center - multiple versions
- Confluence Server - multiple versions
- Jira Service Management Data Center - multiple versions
- Jira Service Management Server - multiple versions
- Jira Software Data Center - multiple versions
- Jira Software Server - multiple versions
Review the following Atlassian Security Advisories and apply the necessary updates: | Atlassian |
| 1785 | Oracle Security Advisory - April 2024 quarterly rollup. [Published Date: 2024-04-16]
[Id:2024.04.16.003]
details...
Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following: - Oracle Analytics
- Oracle Commerce
- Oracle Communications Applications
- Oracle Communications
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Food and Beverage
- Oracle Fusion Middleware
- Oracle HealthCare Applications
- Oracle Insurance Applications
- Oracle PeopleSoft
- Oracle Retail Applications
- Oracle Systems
- Oracle WebLogic
- MySQL
Review Oracle Critical Patch Update Advisory - April 2024 and apply the necessary updates. | Oracle |
| 1786 | Mozilla Security Advisory. [Published Date: 2024-04-16]
[Id:2024.04.16.004]
details...
Mozilla released security updates to address vulnerabilities in Firefox versions prior to 125 and Firefox ESR versions prior to 115.10. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the following Mozilla Security Advisories and apply the necessary updates: | Mozilla |
| 1787 | PuTTY Security Advisory. [Published Date: 2024-04-16]
[Id:2024.04.16.005]
details...
PuTTY has released a security advisory to address vulnerability PuTTY " version 0.68 to 0.80. The vulnerability could compromise the NIST P521 private keys exposed by biased signature generation.
Review the following advisories and apply the updates: | Putty |
| 1788 | Juniper Security Advisory. [Published Date: 2024-04-16]
[Id:2024.04.16.006]
details...
Juniper published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - cRPD - versions prior to 23.4R1
- Juniper Cloud Native Router - versions prior to 23.4
- Junos OS - versions prior to 23.4R1-S1, 23.4R2 and 2R1
- Junos OS Evolved - multiple versions
Review Juniper's Support Portal and apply the necessary updates. | Juniper |
| 1789 | Palo Alto Networks Security Advisory [Published Date: 2024-04-12]
[Id:2024.04.12.001]
details...
Palo Alto Networks published a security advisory to address a vulnerability in the following products: - PAN-OS 11.1 -- versions prior to 11.1.2-h3
- PAN-OS 11.0 -- versions prior to 0.4-h1
- PAN-OS 10.2 -- versions prior to 10.2.9-h1
Exploitation of this vulnerability could lead to remote code execution. Palo Alto Networks has indicated that CVE-2024-3400 has been exploited. Review the following advisories and apply the necessary updates: | Palo Alto Networks |
| 1790 | Juniper Releases Security Bulletin [Published Date: 2024-04-12]
[Id:2024.04.12.002]
details...
Juniper has released security updates to address multiple vulnerabilities in Junos OS, Junos OS Evolved, Paragon Active Assurance, and Junos OS: EX4300 Series. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service condition. Review Juniper's Support Portal and apply the necessary updates. | Juniper |
| 1791 | Citrix Security Advisory [Published Date: 2024-04-11]
[Id:2024.04.11.001]
details...
Citrix published a security advisory to address vulnerabilities in the following products: - XenServer -- version 8
- Citrix Hypervisor -- version 8.2 CU1 LTSR
A cyber threat actor could exploit some of these, allowing information disclosure and denial of service. Review the following advisories and apply the necessary updates: | Citrix |
| 1792 | Microsoft April 2024 Security Updates [Published Date: 2024-04-10]
[Id:2024.04.10.001]
details...
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the Microsoft Security Updates and apply the necessary updates. | Microsoft |
| 1793 | Adobe Releases Security Updates for Multiple Products [Published Date: 2024-04-10]
[Id:2024.04.10.002]
details...
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review the following Adobe Security Bulletins and apply the necessary updates: | Adobe |
| 1794 | Fortinet Releases Security Updates for Multiple Products [Published Date: 2024-04-10]
[Id:2024.04.10.003]
details...
Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review the following advisories and apply necessary updates: | Fortinet |
| 1795 | Palo Alto Networks Security Advisory [Published Date: 2024-04-10]
[Id:2024.04.10.004]
details...
Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - PAN-OS 11.1 --versions prior to 11.1.2
- PAN-OS 11.0 -- multiple versions
- PAN-OS 10.2 -- multiple versions
- PAN-OS 10.1 -- multiple versions
- PAN-OS 10.0 -- versions prior to 10.0.12
- PAN-OS 9.1 -- multiple versions
- PAN-OS 9.0 -- multiple versions
- PAN-OS 8.1 -- versions prior to 8.1.24
Review the following advisories and apply necessary updates: | Palo Alto Networks |
| 1796 | Google Chrome Security Advisory [Published Date: 2024-04-10]
[Id:2024.04.10.005]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.122for Linux, prior to 123.0.6312.122/.123 for Windows, and 123.0.6312.122/.123/.124 Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the Google security bulletins and apply the necessary updates. | Google |
| 1797 | SAP Security Advisory-April 2024 Monthly Rollup [Published Date: 2024-04-10]
[Id:2024.04.10.006]
details...
SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following: - SAP BusinessObjects Web Intelligence -- versions prior to 4.2 and 4.3
- SAP NetWeaver AS Java User Management Engine -- version prior to SERVERCORE 7.50, J2EE-APPS 7.50 and UMEADMIN 7.50
Review the SAP Security Advisory -- April 2024 Monthly Rollup and apply the necessary updates. | SAP |
| 1798 | Red Hat Security Advisory [Published Date: 2024-04-08]
[Id:2024.04.08.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Virtualization Host - multiple versions and platforms
Review the Red Hat security advisories and apply the necessary updates. | Red Hat |
| 1799 | Ubuntu Security Advisory [Published Date: 2024-04-08]
[Id:2024.04.08.002]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Review the Security Notice - LSN-0102-1, Security Notices and apply the necessary updates. | Ubuntu |
| 1800 | IBM Security Advisory [Published Date: 2024-04-08]
[Id:2024.04.08.003]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM App Connect Enterprise Certified Container - multiple versions
- IBM CP4NA - version 2.7
- IBM App Connect Enterprise - version 12.0.1.0 to 12.0.11.2
- IBM Maximo Application Suite IoT Component - versions 8.7 and 8.8
- IBM Process Mining - versions 1.14.1, 1.14.2, 1.14.2 IF001, 1.14.3, 1.14.3 IF001 and 1.14.0
- IBM Tivoli Netcool Impact - version 7.1.0.0 to 7.1.0.32
- IBM Jazz for Service Management - version 1.1.3.0 to 1.1.3.20
- IBM Netcool Operations Insight - versions 1.4 to 1.4.1.2, 1.5 to 1.5.0.1 and 1.6 to 1.6.11
- IBM PCOMM - versions 14.0.6 and 15.0.1
Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1801 | Cisco security advisory. [Published Date: 2024-04-04]
[Id:2024.04.04.001]
details...
Cisco published security advisories to address vulnerabilities in multiple products. Included was an update for the following: - Cisco Enterprise Chat and Email (ECE)
- Cisco Identity Services Engine (ISE)
- Cisco Nexus Dashboard
- Cisco Nexus Dashboard Fabric Controller (NDFC)
- Cisco Nexus Dashboard Orchestrator (NDO)
- Cisco RV Series Small Business Routers
- Cisco TelePresence Management Suite (TMS)
- Cisco Emergency Responder: CVSS (Max)
Review the Cisco security advisories and apply the necessary updates. | CISCO |
| 1802 | Broadcom Security Advisory for Brocade Fabric OS. [Published Date: 2024-04-04]
[Id:2024.04.04.002]
details...
Broadcom published a security Advisory to address vulnerabilities affecting Brocade Fabric OS versions 9.x through 9.2.0.
Review the Broadcom Security Advisory and apply the necessary updates. | Broadcom |
| 1803 | Google Chrome security advisory. [Published Date: 2024-04-03]
[Id:2024.04.03.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.105 for Linux, and prior to 123.0.6312.105/.106/.107 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1804 | Ivanti security advisory. [Published Date: 2024-04-03]
[Id:2024.04.03.002]
details...
Ivanti published a security advisory to address vulnerabilities in the following products:
- Ivanti Connect Secure (9.x and 22.x) --all versions
- Ivanti Policy Secure Gateway (9.x and 22.x) --all versions
Review the Ivanti security advisory and apply the necessary updates. | Ivanti |
| 1805 | HTTP/2 CONTINUATION frames can be utilized for DoS attacks. [Published Date: 2024-04-03]
[Id:2024.04.03.003]
details...
New research done by researchers at the CERT Coordination Center of Carnegie Mellon University has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on 25th January 2024.
Review the advisory and upgrade affected software to the latest version to mitigate potential threats. In the absence of a fix, it's advised to consider(if possible) temporarily disabling HTTP/2 on the servers. | USCERT |
| 1806 | HPE security advisory. [Published Date: 2024-04-02]
[Id:2024.04.02.001]
details...
HPE published a security advisory to address vulnerabilities in the following products: - HPE Alletra - multiple versions and platforms
- HPE Apollo - multiple versions and platforms
- HPE Edgeline - multiple versions and platforms
- HPE Compute Edge Server e930t - versions prior to v2.16_03-01-2024
- HPE ProLiant - multiple versions and platforms
- HPE Synergy - multiple versions and platforms
- HPE NonStop Web ViewPoint Enterprise - multiple versions and platforms
Review the flowing provided web links and apply the necessary updates. | HPE |
| 1807 | IBM Security Advisory for DB2. [Published Date: 2024-04-02]
[Id:2024.04.02.002]
details...
IBM published a security bulletin to address vulnerabilities affecting DB2.
Review the IBM security bulletins and apply the necessary updates. | IBM |
| 1808 | Android security advisory - April 2024 Monthly Rollup. [Published Date: 2024-04-01]
[Id:2024.04.01.001]
details...
Android published a security bulletin to address vulnerabilities affecting Android devices.
Review the Android Security Bulletin and apply the necessary updates. | Android |
| 1809 | IBM security advisory. [Published Date: 2024-03-31]
[Id:2024.03.31.001]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Cloud PAK for AIOps - versions 4.1.0 to 4-4.1
- IBM Cloud Pak for Business Automation - multiple versions
- IBM Intelligent Operations Centre (IOC) - multiple versions
- IBM MQ Operator - multiple versions
- IBM Operations Analytics Predictive Insights - versions 1.3.6 to 1.3.6.7 (iFix7)
- IBM Planning Analytics Workspace - version 2.0
- IBM QRadar SIEM - versions 7.5.0 to 7.5.0 UP7 IF06
- IBM supplied MQ Advanced container images - multiple versions
Review the IBM Security Bulletins and apply the necessary updates. | IBM |
| 1810 | Ubuntu security advisory. [Published Date: 2024-03-31]
[Id:2024.03.31.002]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
Review the Ubuntu Security Notes and apply the necessary updates. | Ubuntu |
| 1811 | Red Hat security advisory. [Published Date: 2024-03-31]
[Id:2024.03.31.003]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisory - RHSA-2024:1532 and Red Hat Security Advisories and apply the necessary updates. | Red Hat |
| 1812 | Microsoft Edge Security Advisory. [Published Date: 2024-03-29]
[Id:2024.03.29.001]
details...
Microsoft published a security update to address a vulnerability in the following product: - Microsoft Edge Stable Channel - versions before 123.0.2420.65
- Microsoft Edge Extended Stable Channel - versions before 122.0.2365.113
The Chromium [1] team reports that an exploit for CVE-2024-2883 exists in the wild. Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates. [1] Chromium is a free and open-source web browser project primarily developed and maintained by Google. It is a widely used codebase, providing the vast majority of code for Google Chrome and many other browsers, including Microsoft Edge, Samsung Internet, and Opera. | Microsoft |
| 1813 | Cisco Releases Security Advisory for Vulnerabilities in Cisco Access Point software. [Published Date: 2024-03-28]
[Id:2024.03.28.001]
details...
Cisco released security updates to address vulnerabilities in Cisco Access Point software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service.
Review the following advisories and apply the necessary updates: | CISCO |
| 1814 | Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS XR Products. [Published Date: 2024-03-27]
[Id:2024.03.27.001]
details...
Cisco published security advisories to address vulnerabilities in their Cisco IOS XR. A cyber threat actor could exploit these vulnerabilities to local attackers to elevate privileges on an affected device.
Review the Cisco IOS XR Vulnerability advisory and apply the necessary updates. | CISCO |
| 1815 | Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS Software for Catalyst 6000 Series Switches. [Published Date: 2024-03-27]
[Id:2024.03.27.002]
details...
| CISCO |
| 1816 | GitLab Security Advisory. [Published Date: 2024-03-27]
[Id:2024.03.27.003]
details...
GitLab published a security advisory to address vulnerabilities in the following products: - GitLab Community Edition (CE) - versions prior to 16.10.1, 16.9.3 and 16.8.5
- GitLab Enterprise Edition (EE) - versions prior to 16.10.1, 16.9.3 and 16.8.5
Review the provided GitHub Security Advisory and perform the suggested mitigations. | Gitlab |
| 1817 | JetBrains Security Advisory. [Published Date: 2024-03-27]
[Id:2024.03.27.004]
details...
JetBrains published a security advisory to address vulnerabilities on JetBrains TeamCity On-Premises - versions prior to 2024.03.
Review the provided JetBrains Security Advisory and perform the suggested mitigations. | Jetbrains |
| 1818 | Google Chrome security advisory. [Published Date: 2024-03-26]
[Id:2024.03.26.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.86 for Linux, and prior to 23.0.6312.86/.87 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1819 | Tenable Security Center security advisory. [Published Date: 2024-03-25]
[Id:2024.03.25.001]
details...
Tenable has released security updates to address vulnerabilities affecting the Tenable Security Center (Stand-alone). A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the Tenable Security Center security advisory and apply the necessary updates or workarounds. | Tenable |
| 1820 | Ubuntu security advisory. [Published Date: 2024-03-25]
[Id:2024.03.25.002]
details...
Ubuntu published security advisories to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the Ubuntu Security Advisory and apply the necessary updates. | Ubuntu |
| 1821 | IBM security advisory. [Published Date: 2024-03-25]
[Id:2024.03.25.003]
details...
IBM published security advisories to address vulnerabilities affecting the following products: - IBM App Connect Enterprise - versions 11.0.0.1 to 11.0.0.24 and 12.0.1.0 to 12.0.11.1
- IBM Cloud Pak for Data Scheduling - version 4.6.4 to 4.7.4
- IBM Security Verify Information Queue - versions 10.0.6 and 10.0.7
- IBM Spectrum Control - all 5.4 versions
- IBM Storage Copy Data Management - version 2.2.0.0 to 2.2.22.1
- IBM Storage Protect Plus Server - version 10.1
A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1822 | Dell security advisory. [Published Date: 2024-03-25]
[Id:2024.03.25.004]
details...
Dell published security advisories to address vulnerabilities affecting the following products: - APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.13.34
- APEX Cloud Platform Foundation Software - versions prior to 03.00.03.00
- Dell Data Lakehouse System Software - version 1.0.0.0
- Dell EMC VxRail Appliance - versions prior to 7.0.483 and versions prior to 8.0.120
- Dell PowerProtect DD Management Center - versions 7.0 through 7.12, versions 7.10.1.0 through 7.10.1.15 and versions 7.7.5.0 through 7.7.5.25
- Dell PowerProtect DD Management Center with SmartScale feature - versions 7.10.1.0 through 7.10.1.15 and versions 7.8 through 7.12
- Dell Networking S5448-ON - versions prior to v3.52.5.1-10
- Dell Networking S5448F-ON - versions prior to v3.52.5.1-10
- Dell Networking Z9432F-ON - versions prior to v3.51.5.1-18
Review the Dell Security Advisory and apply the necessary updates. | Dell |
| 1823 | Apple Released Security Updates for Multiple Products. [Published Date: 2024-03-25]
[Id:2024.03.25.005]
details...
Apple released security updates to address vulnerabilities in macOS, Safari, iOS and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: | Apple |
| 1824 | Red Hat security advisory. [Published Date: 2024-03-24]
[Id:2024.03.24.001]
details...
Red Hat published security advisories to address vulnerabilities affecting the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux for Real Time/for NFV - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux Server - multiple versions and platforms
Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1825 | Mozilla security advisory. [Published Date: 2024-03-22]
[Id:2024.03.22.001]
details...
Mozilla has released security updates to address a vulnerability affecting Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the following advisories and apply necessary updates: | Mozilla |
| 1826 | Jenkins Security Advisory. [Published Date: 2024-03-20]
[Id:2024.03.20.001]
details...
Jenkins, the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software, released a security advisory for its vulnerability (CVE-2024-22201). A cyber threat actor could exploit this vulnerability, resulting in denial of service.
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1827 | F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-03-20]
[Id:2024.03.20.002]
details...
F5 has updated a security advisory on vulnerability (CVE-2022-23308) affecting multiple products, including BIG-IP (all modules), BIG-IQ Centralized Management, F50S-C, and Traffix SDC. A cyber threat actor could exploit this vulnerability, resulting in denial-of-service (DoS).
Review the F5 security advisory and apply the necessary updates or workarounds. | F5 |
| 1828 | Mozilla security advisory. [Published Date: 2024-03-19]
[Id:2024.03.19.001]
details...
Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Mozilla Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the following advisories and apply necessary updates: | Mozilla |
| 1829 | Atlassian security advisory. [Published Date: 2024-03-19]
[Id:2024.03.19.002]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Bamboo Data Centre - multiple versions
- Bamboo Server - multiple versions
- Bitbucket Data Centre - multiple versions
- Bitbucket Server - multiple versions
- Confluence Data Center - multiple versions
- Confluence Server - multiple versions
- Jira Service Management Data Center - multiple versions
- Jira Service Management Server - multiple versions
- Jira Software Data Center - multiple versions
- Jira Software Server - multiple versions
A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the following advisories and apply necessary updates: | Atlassian |
| 1830 | Google Chrome security advisory. [Published Date: 2024-03-19]
[Id:2024.03.19.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.58 for Linux, and prior to 123.0.6312.58/.59 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1831 | Dell security advisory. [Published Date: 2024-03-18]
[Id:2024.03.18.001]
details...
Dell published security advisories to address vulnerabilities for Dell EMC VxRail Appliance-8.0.x versions prior to 8.0.210 and NetWorker vProxy. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the following advisories and apply the necessary updates: | Dell |
| 1832 | Red Hat security advisory. [Published Date: 2024-03-18]
[Id:2024.03.18.002]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server Extended Life Cycle Support (for IBM z Systems) - version 7 s390x
A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the Red Hat Security Advisory and apply the necessary updates. | Red Hat |
| 1833 | HPE security advisory on Unified OSS Console. [Published Date: 2024-03-15]
[Id:2024.03.15.001]
details...
HPE published a security advisory to address vulnerabilities HPE Unified OSS Console (UOC) - versions prior to 3.1.3. A cyber threat actor could exploit these vulnerabilities could be exploited to allow remote arbitrary code execution, local denial of service and local stack overflow.
Review the HPE security advisory and apply the necessary updates. | HPE |
| 1834 | Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-03-13]
[Id:2024.03.13.001]
details...
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following and apply the necessary updates: | Microsoft |
| 1835 | Fortinet Releases Security Updates for Multiple Products. [Published Date: 2024-03-13]
[Id:2024.03.13.002]
details...
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply necessary updates: | Fortinet |
| 1836 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-03-13]
[Id:2024.03.13.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.128 for Linux, and prior to 22.0.6261.128/.129 for Windows, MAC. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1837 | Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS XR Products. [Published Date: 2024-03-13]
[Id:2024.03.13.004]
details...
Cisco published security advisories to address vulnerabilities in their Cisco IOS XR. A cyber threat actor could exploit these vulnerabilities to local attackers to elevate privileges on an affected device.
Review the Cisco IOS XR Vulnerability advisory and apply the necessary updates. | CISCO |
| 1838 | Adobe Releases Security Updates for Multiple Products. [Published Date: 2024-03-12]
[Id:2024.03.12.001]
details...
Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following Adobe Security Bulletins and apply the necessary updates: | Adobe |
| 1839 | Red Hat security advisory [Published Date: 2024-03-11]
[Id:2024.03.11.001]
details...
Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: - Red Hat CodeReady Linux Builder - multiple versions and platforms
- Red Hat Enterprise Linux - multiple versions and platforms
- Red Hat Enterprise Linux Server - multiple versions and platforms
- Red Hat Virtualization Host 4 for RHEL 8 x86_64
Review the following advisories and apply the necessary updates: | Red Hat |
| 1840 | Ubuntu security advisory. [Published Date: 2024-03-11]
[Id:2024.03.11.002]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: - Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
Review the provided Ubuntu Security Advisory and perform the suggested mitigations. | Ubuntu |
| 1841 | Ubuntu security advisory. [Published Date: 2024-03-11]
[Id:2024.03.11.003]
details...
Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting Ubuntu 18.04 ESM, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
Review the Ubuntu security notices and apply the necessary updates. | Ubuntu |
| 1842 | IBM security advisory [Published Date: 2024-03-11]
[Id:2024.03.11.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM Automation Decision Services - versions 23.0.1 and 23.0.2
- IBM Observability with Instana (OnPrem) - versions Build 250 to 267
- IBM QRadar SIEM - version 7.5 to 7.5.0 UP7
- IBM Sterling Secure Proxy - versions 6.0.3 and 6.1.0
A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system. Review the IBM Security Advisory and apply the necessary updates. | IBM |
| 1843 | Apple Released Security Updates for Multiple Products. [Published Date: 2024-03-08]
[Id:2024.03.08.001]
details...
Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: | Apple |
| 1844 | Drupal Releases Security Updates for Drupal Registration role module. [Published Date: 2024-03-06]
[Id:2024.03.06.001]
details...
Drupal published a security advisory to address a vulnerability in the Registration role module - versions 2.x prior to 2.0.1. The module has a logic error when handling sites that upgraded code and did not run the Drupal update process.
Review the provided Drupal Security Advisory and perform the suggested mitigations. | Drupal |
| 1845 | GitLab security advisory. [Published Date: 2024-03-06]
[Id:2024.03.06.002]
details...
GitHub published a security advisory to address a vulnerability Community and GitLab Enterprise Edition.
Review the provided GitHub Security Advisory and perform the suggested mitigations. | Gitlab |
| 1846 | VMware security advisory. [Published Date: 2024-03-05]
[Id:2024.03.05.001]
details...
VMware released a security advisory to address vulnerabilities in the following products: - VMware Cloud Foundation - versions 4.x and 5.x
- VMware ESXi - versions 7.0 and 8.0
- VMware Fusion for MacOS - versions 13.x prior to 13.5.1
- VMware Workstation - versions 17.x prior to 17.5.1
Review the provided VMware Security Advisory and perform the suggested mitigations. | Vmware |
| 1847 | Apple Releases Security Updates for Multiple Products. [Published Date: 2024-03-05]
[Id:2024.03.05.002]
details...
Apple has released security updates to address vulnerabilities within iOS and iPadOS. A cyber threat actor could exploit one of these vulnerabilities, allowing privilege escalation to the affected system.
Review the Apple Security Advisory CVE-2024-23225, CVE-2024-23296, CVE-2024-23243 and CVE-2024-23256 and perform the suggested mitigations. | Apple |
| 1848 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-03-05]
[Id:2024.03.05.003]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.111 for Mac, Linux, and Mac and prior to 122.0.6261.111/.112 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1849 | Red Hat release security advisory for Red Hat Satellite 6. [Published Date: 2024-03-04]
[Id:2024.03.04.001]
details...
Red Hat Linux has released security updates to address multiple vulnerabilities affecting Red Hat Satellite 6.x x86_64, Red Hat Satellite Capsule 6.x x86_64, and Red Hat Enterprise Linux for x86_64 8 x86_64. A malicious cyber actor can exploit one of these vulnerabilities, allowing hurtful things to the systems.
Review the Red Hat Linux security bulletins and apply the necessary updates. | Red Hat |
| 1850 | Red Hat release security advisory for squid:4. [Published Date: 2024-03-04]
[Id:2024.03.04.002]
details...
Red Hat Linux has released a security update to address a vulnerability affecting squid:4. A malicious cyber actor can exploit that vulnerability to cause denial of service in the HTTP header parser.
Review the Red Hat Linux security bulletins and apply the necessary update. | Red Hat |
| 1851 | Android security advisory- March 2024. [Published Date: 2024-03-04]
[Id:2024.03.04.003]
details...
| Android |
| 1852 | IBM security advisory. [Published Date: 2024-03-04]
[Id:2024.03.04.004]
details...
IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - IBM CP4NA - version 2.6.5
- IBM DS8900F R9.2 - versions 89.21.31.0 and 89.21.19.0
- IBM DS8900F R9.3 - versions 89.30.68.0, 89.32.40.0 and 89.33.48.0
- IBM Transformation Extender Advanced - versions 9.0 and 10.0
- IBM WebSphere Service Registry and Repository - version 8.5
Review the following advisories and apply the necessary updates: | IBM |
| 1853 | Dell security advisory [Published Date: 2024-03-04]
[Id:2024.03.04.005]
details...
Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: - Isilon A200 - versions prior to 12.1
- Isilon A2000 - versions prior to 12.1
- Isilon F800 - versions prior to 12.1
- Isilon H400 - versions prior to 12.1
- Isilon H500 - versions prior to 12.1
- Isilon H5600 - versions prior to 12.1
- Isilon H600 - versions prior to 12.1
- PowerScale Archive A300 - versions prior to 12.1
- PowerScale Archive A3000 - versions prior to 12.1
- PowerScale B100 - versions prior to 12.1
- PowerScale F200 - versions prior to 12.1
- PowerScale F600 - versions prior to 12.1
- PowerScale F900 - versions prior to 12.1
- PowerScale Hybrid H700 - versions prior to 12.1
- PowerScale Hybrid H7000 - versions prior to 12.1
- PowerScale P100 - versions prior to 12.1
Review the following advisories and apply the necessary updates: | Dell |
| 1854 | SolarWinds security advisory for SolarWinds Security Event Manager. [Published Date: 2024-03-01]
[Id:2024.03.01.001]
details...
SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Security Event Manager-versions prior to 2023.4.1. A cyber threat actor could exploit these vulnerabilities, allowing remote code execution of an affected system.
Review the SolarWinds Security Advisory and apply the necessary updates. | Solarwinds |
| 1855 | Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2024-02-29]
[Id:2024.02.29.001]
details...
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the Juniper advisory JSA77742 and apply the necessary updates. | Juniper |
| 1856 | Cisco Releases Security Advisory for Vulnerabilities in Cisco UCS and Nexus Products. [Published Date: 2024-02-28]
[Id:2024.02.28.001]
details...
Cisco published security advisories to address vulnerabilities in their Cisco Unified Computing System (UCS) and Nexus Products.
Review the following provided web links and apply the necessary | CISCO |
| 1857 | CISA, FBI, and HHS Release an Update to Ransomware Advisory on ALPHV Blackcat. [Published Date: 2024-02-27]
[Id:2024.02.27.001]
details...
Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released an update to the joint advisory Ransomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the ALPHV Blackcat ransomware as a service (RaaS). ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector.
Review the updated joint advisory to protect and detect against malicious activity. | CISA |
| 1858 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-02-27]
[Id:2024.02.27.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.94 for Mac and Linux and Mac and prior to 22.0.6261.94/.95 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1859 | Palo Alto Networks has released a security update for PAN-OS. [Published Date: 2024-02-26]
[Id:2024.02.26.001]
details...
| Palo Alto Networks |
| 1860 | Atlassian security advisory. [Published Date: 2024-02-21]
[Id:2024.02.21.001]
details...
Atlassian published security advisories to address vulnerabilities in the following products: - Confluence Data Center and Server - multiple versions
- Jira Software Data Center and Server - multiple versions
- Assets Discovery - multiple versions
- Jira Service Management Data Center and Server - multiple versions
Review the following advisories and apply the necessary updates: | Atlassian |
| 1861 | GitLab security advisory. [Published Date: 2024-02-21]
[Id:2024.02.21.002]
details...
GitLab published a security advisory to address vulnerabilities in the following products: - GitLab Community Edition (CE) - versions prior to 16.9.1, 16.8.3 and 16.7.6
- GitLab Enterprise Edition (EE) - versions prior to 16.9.1, 16.8.3 and 16.7.6
Review the following advisories and apply the necessary updates: | Gitlab |
| 1862 | Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2024-02-21]
[Id:2024.02.21.003]
details...
Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the following Mozilla Security Advisories and apply the necessary updates: | Mozilla |
| 1863 | VMware has released a security updates for Spring Framework. [Published Date: 2024-02-21]
[Id:2024.02.21.004]
details...
| Vmware |
| 1864 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-02-20]
[Id:2024.02.20.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.57 for Mac and Linux and Mac and prior to 122.0.6261.57/.58 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1865 | Zoom Releases Security Updates for Seven Vulnerabilities. [Published Date: 2024-02-16]
[Id:2024.02.16.001]
details...
Zoom has released security updates for Seven vulnerabilities. A cyber threat actor could exploit Zoom VDI Client vulnerabilities for Windows and Zoom Meeting SDK for Windows, which may allow an unauthenticated user to escalate privilege via network access.
Review Zoom's Security bulletin and apply the necessary updates. | Zoom |
| 1866 | F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-02-14]
[Id:2024.02.14.001]
details...
F5 has released security advisories on vulnerabilities (CVE-2024-22093, CVE-2024-21763, CVE-2024-21771, CVE-2024-21789, CVE-2024-21849, CVE-2024-22389, CVE-2024-23308, CVE-2024-23314, CVE-2024-23805, CVE-2024-23979, CVE-2024-23982, CVE-2024-24989 and CVE-2024-24990) affecting multiple products, including BIG-IP, LTM, ASM, NGIX Plus and NGIX Open Source.
Review the F5 vulnerabilities CVE-2024-22093, CVE-2024-21763, CVE-2024-21771, CVE-2024-21789, CVE-2024-21849, CVE-2024-22389, CVE-2024-23308, CVE-2024-23314, CVE-2024-23805, CVE-2024-23979, CVE-2024-23982, CVE-2024-24989 and CVE-2024-24990 apply the necessary updates or workarounds. | F5 |
| 1867 | Adobe Releases Security Updates for Multiple Products. [Published Date: 2024-02-13]
[Id:2024.02.13.001]
details...
Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following Adobe Security Bulletins and apply the necessary updates: | Adobe |
| 1868 | Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-02-13]
[Id:2024.02.13.002]
details...
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review Microsoft’s February Security Update Guide and apply the necessary updates. | Microsoft |
| 1869 | ISC Releases Security Advisories for BIND 9. [Published Date: 2024-02-13]
[Id:2024.02.13.003]
details...
The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.
Review the following advisories and apply the necessary updates: | ISC |
| 1870 | Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series. [Published Date: 2024-02-08]
[Id:2024.02.08.001]
details...
Cisco released a security advisory to address vulnerabilities affecting Cisco Expressway Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Cisco Expressway Series advisory and apply the necessary updates. | CISCO |
| 1871 | Fortinet Releases Security Updates for FortiOS and FortiProxy. [Published Date: 2024-02-08]
[Id:2024.02.08.002]
details...
Fortinet has released a security update to address FortiOS and FortiProxy software vulnerabilities (CVE-2024-21762, CVE-2023-44487, CVE-2024-23113, and CVE-2023-47537). A cyber threat actor could exploit these vulnerabilities, allowing remote code execution of an affected system.
Review the following Fortinet security advisories and apply the recommended updates: | Fortinet |
| 1872 | VMware Releases Security Advisory for Aria Operations for Networks. [Published Date: 2024-02-07]
[Id:2024.02.07.001]
details...
VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review VMware security advisory VMSA-2024-0002 and apply the necessary updates. | Vmware |
| 1873 | JetBrains Releases Security Advisory for TeamCity On-Premises. [Published Date: 2024-02-06]
[Id:2024.02.06.001]
details...
| Jetbrains |
| 1874 | Multiple Vulnerabilities in Canon Printers. [Published Date: 2024-02-05]
[Id:2024.02.05.001]
details...
Canon has released security updates to address multiple vulnerabilities identified for certain Small Office Multifunction Printers and Laser Printers. A cyber threat actor could exploit these vulnerabilities and may be able to execute arbitrary code and/or target the product in a Denial-of-Service (DoS) attack via the Internet of an affected system.
Review the Canon security advisory and apply the recommended updates. | Canon |
| 1875 | Juniper Networks Releases Security Bulletin for Juniper Secure Analytics. [Published Date: 2024-02-01]
[Id:2024.02.01.001]
details...
Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Juniper Security Bulletin JSA76718 and apply the necessary updates. | Juniper |
| 1876 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-01-30]
[Id:2024.01.30.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 121.0.6167.139 for Mac and Linux and Mac and prior to 121.0.6167.139/140 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1877 | Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series [Published Date: 2024-01-29]
[Id:2024.01.29.001]
details...
Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the Juniper Bulletin JSA76390 and apply the necessary updates. | Juniper |
| 1878 | Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products. [Published Date: 2024-01-25]
[Id:2024.01.25.001]
details...
| CISCO |
| 1879 | Jenkins Security Advisory. [Published Date: 2024-01-24]
[Id:2024.01.24.001]
details...
Jenkins, the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software, released a security advisory for its vulnerability (CVE-2024-23897). A cyber threat actor could exploit this vulnerability, resulting in remote code execution.
Review the Jenkins security advisory and apply the necessary updates. | Jenkins |
| 1880 | Apple Releases Security Updates for Multiple Products. [Published Date: 2024-01-23]
[Id:2024.01.23.001]
details...
Apple has released security updates to address vulnerabilities within Safari, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: | Apple |
| 1881 | Google Releases Security Updates for Google Chrome. [Published Date: 2024-01-23]
[Id:2024.01.23.002]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 120.0.6167.85 for Mac and Linux and Mac and prior to 120.0.6167.80/.86 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates. | Google |
| 1882 | Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2024-01-23]
[Id:2024.01.23.003]
details...
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the following advisories and apply the necessary updates: | Mozilla |
| 1883 | Drupal Releases Security Advisory for Drupal Core. [Published Date: 2024-01-18]
[Id:2024.01.18.001]
details...
Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.
Review Drupal security advisory SA-CORE-2024-001 for more information and apply the necessary update. | Drupal |
| 1884 | VMware Releases Security Advisory for Aria Operations. [Published Date: 2024-01-17]
[Id:2024.01.17.001]
details...
VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations. A cyber threat actor could exploit this vulnerability to take control of an affected system.
Review VMware Security Advisory VMSA-2024-0001 and apply the necessary update. | Vmware |
| 1885 | Atlassian released advisory for Confluence Data Center and Server. [Published Date: 2024-01-17]
[Id:2024.01.17.002]
details...
Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in the Confluence Data Center and Server. A cyber threat actor could exploit this vulnerability to allow remote code execution of an affected system.
Review the Atlassian Security Advisory and apply the necessary update. | Atlassian |
| 1886 | Oracle Critical Patches Issued January 2024. [Published Date: 2024-01-17]
[Id:2024.01.17.003]
details...
Oracle has released its Critical Patch Update for January 2024 to address vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities, allowing remote code execution and malicious activities.
Review the Oracle January 2024 Critical Patch Update and apply the necessary updates. | Oracle |
| 1887 | CISA and FBI Release Known IOCs Associated with Androxgh0st Malware. [Published Date: 2024-01-16]
[Id:2024.01.16.001]
details...
CISA (Cybersecurity and Infrastructure Security Agency) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks and targets files that contain confidential information, such as credentials, for various high-profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities that could lead to remote code execution, including: Review and implement the mitigations found in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. | CISA |
| 1888 | Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway. [Published Date: 2024-01-16]
[Id:2024.01.16.002]
details...
Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the Citrix CTX584986 Security Bulletin and apply the necessary updates. | Citrix |
| 1889 | Multiple Vulnerabilities in GitHub Enterprise Server. [Published Date: 2024-01-16]
[Id:2024.01.16.003]
details...
Multiple vulnerabilities have been reported in the GitHub Enterprise Server, which could allow an attacker to execute remote code, escalate privileges, bypass security restrictions, and disclose sensitive information on the targeted system.
Review the following advisories and apply the necessary updates: | Github |
| 1890 | Cisco Releases Security Advisory for Cisco Unity Connection. [Published Date: 2024-01-11]
[Id:2024.01.11.001]
details...
| Cisco |
| 1891 | Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved. [Published Date: 2024-01-10]
[Id:2024.01.10.001]
details...
Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.
Review the Juniper Advisory JSA75752 and apply the necessary updates. | Juniper |
| 1892 | Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-01-09]
[Id:2024.01.09.001]
details...
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review Microsoft’s January Security Update Guide and apply the necessary updates. | Microsoft |
| 1893 | Fortinet Releases Security Updates for FortiOS and FortiProxy. [Published Date: 2024-01-09]
[Id:2024.01.09.002]
details...
| Fortinet |
| 1894 | IBM Releases Security Advisory for DB2 for Windows Addressing vulnerability. [Published Date: 2024-01-08]
[Id:2024.01.08.001]
details...
IBM Issued critical patches to address the vulnerability of DB2. A remote attacker could exploit that vulnerability, allowing a privilege escalation to SYSTEM users via MSI repair functionality on Windows.
Review the IBM DB2 vulnerability and apply the necessary updates or workarounds. | IBM |
| 1895 | Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2024-01-02]
[Id:2024.01.02.001]
details...
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the Juniper advisory JSA75636 and apply the necessary updates. | Juniper |
| 1896 | F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-01-02]
[Id:2024.01.02.002]
details...
F5 has released security advisories on vulnerabilities (CVE-2022-28733, CVE-2022-40735, CVE-2002-20001, and CVE-2020-5884) affecting multiple products, including BIG-IP, LTM, and ASM. By exploiting those vulnerabilities, an attacker's CPU usage and ability to read and modify data in transit trigger an integer value underflow in grub code in the affected system.
Review the F5 vulnerabilities CVE-2022-28733, CVE-2022-40735, CVE-2002-20001, and CVE-2020-5884 and apply the necessary updates or workarounds. | F5 |
| 1897 | Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-20]
[Id:2023.12.20.001]
details...
Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information.
Review Apple security releases and apply necessary updates. | Apple |
| 1898 | Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2023-12-20]
[Id:2023.12.20.002]
details...
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: | Mozilla |
| 1899 | IBM QRadar SIEM (Linux OS based) contains multiple vulnerabilities. [Published Date: 2023-12-19]
[Id:2023.12.19.001]
details...
IBM has released security updates to address vulnerabilities in the Linux Operating System IBM QRadar SIEM. A cyber threat actor could exploit the vulnerable components (e.g., framework libraries), which could affect the system.
Review IBM's Security Update and apply the necessary updates. | IBM |
| 1900 | CISA and FBI Release Advisory on ALPHV Blackcat Affiliates. [Published Date: 2023-12-19]
[Id:2023.12.19.002]
details...
CISA (Cybersecurity and Infrastructure Security Agency) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), ALPHV Blackcat, to disseminate known ALPHV Blackcat affiliates' tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as Dec. 6, 2023. The advisory also provides updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise, released on April 19, 2022.
ALPHV Blackcat affiliates have extensive networks and experience with ransomware and data extortion operations. FBI investigations, as of September 2023, place the number of compromised entities at over 1000-over half of which are in the United States and approximately 250 outside the United States.
Review and implement the mitigations provided in the joint CSA to reduce the likelihood and impact of ALPHV Blackcat ransomware and data extortion incidents. | CISA |
| 1901 | F5 BIG-IP release update for Configuration utility and inconsistent Interpretation of HTTP Requests vulnerability. [Published Date: 2023-12-18]
[Id:2023.12.18.001]
details...
| F5 |
| 1902 | FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware. [Published Date: 2023-12-18]
[Id:2023.12.18.002]
details...
Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) released a joint Cybersecurity Advisory (CSA), Play Ransomware , to disseminate Play ransomware group’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as October 2023. Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data, and have impacted a wide range of businesses and critical infrastructure organizations in North America, South America, Europe, and Australia. Review and implement the recommendations provided in the joint CSA to reduce the likelihood and impact of Play and other ransomware incidents. | CISA |
| 1903 | FortiGuard Releases Security Updates for Multiple Products. [Published Date: 2023-12-14]
[Id:2023.12.14.001]
details...
FortiGuard has released security updates to address vulnerabilities in multiple FortiGuard products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review the following advisories and apply necessary updates: | Fortinet |
| 1904 | Microsoft Releases Security Updates for Multiple Products. [Published Date: 2023-12-12]
[Id:2023.12.12.001]
details...
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review Microsoft’s December Security Update Guide and apply the necessary updates. | Microsoft |
| 1905 | Adobe Releases Security Updates for Multiple Products. [Published Date: 2023-12-12]
[Id:2023.12.12.002]
details...
Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review the following Adobe Security Bulletins and apply the necessary updates: | Adobe |
| 1906 | Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-11]
[Id:2023.12.11.001]
details...
Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, macOS Monterey, macOS Ventura, iOS, iPadOS, watchOS, and tvOS 17.2. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Review the following advisories and apply the necessary updates: | Apple |
| 1907 | Sophos has released security updates for Sophos Firewall. [Published Date: 2023-12-11]
[Id:2023.12.11.002]
details...
Sophos has released security updates to address vulnerabilities in Sophos Firewall. A cyber threat actor could exploit that vulnerability, allowing remote code execution in the User Portal and Webadmin of Sophos Firewall. Review Sophos's Security Update and apply the necessary updates. | Sophos |
| 1908 | The Apache Software Foundation Updates Struts 2. [Published Date: 2023-12-09]
[Id:2023.12.09.001]
details...
The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Review the Apache Security Bulletin and upgrade to Struts 2.5.33 or 6.3.0.2 or greater. | Apache |
| 1909 | Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-01]
[Id:2023.12.01.001]
details...
Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Review the following advisories and apply necessary updates: | Apple |
| 1910 | Google Updates Chrome to Fix Zero-day. [Published Date: 2023-11-28]
[Id:2023.11.28.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.199 for Mac and Linux and Mac and prior to 119.0.6045.199/.200 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution. Review the Google security bulletins and apply the necessary updates. | Google |
| 1911 | Adobe Releases Security Updates for ColdFusion [Published Date: 2023-11-23]
[Id:2023.11.23.001]
details...
Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system.
Review Adobe ColdFusion security bulletin APSB23-52 for more information and to: - Apply the recommended updates in APSB23-52.
- Follow Adobe recommendations on ColdFusion hardening.
Consider adding a web application firewall (WAF) filter for CFIDE for external users. | Adobe |
| 1912 | RedHat Linux published a security update for Squid. [Published Date: 2023-11-23]
[Id:2023.11.23.002]
details...
RedHat Linux published a security update for vulnerability (CVE-2023-5824) for Squid. Exploiting the vulnerability, an attacker can access those systems and cause a denial-of-service (DoS).
Review the advisory for Squid and apply the necessary updates. | Red Hat |
| 1913 | CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed [Published Date: 2023-11-21]
[Id:2023.11.21.001]
details...
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released a joint Cybersecurity Advisory (CSA), LockBit Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability (along with an accompanying analysis report MAR-10478915-1.v1 Citrix Bleed), in response to LockBit 3.0 ransomware affiliates and multiple threat actor groups exploiting CVE-2023-4966. Labeled Citrix Bleed, the vulnerability affects Citrix’s NetScaler web application delivery control (ADC) and NetScaler Gateway appliances. LockBit affiliates have conducted attacks against organizations of varying sizes across multiple critical infrastructure sectors"including education, energy, financial services, food and agriculture, government and emergency services, healthcare, manufacturing, and transportation. The joint CSA provides tactics, techniques, and procedures (TTPs), as well as indicators of compromise (IOCs). | CISA |
| 1914 | Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2023-11-21]
[Id:2023.11.21.002]
details...
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply the necessary updates: Firefox iOS 120 Firefox 120 Firefox ESR 115.5 Thunderbird 115.5.0 | Mozilla |
| 1915 | Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2023-11-17]
[Id:2023.11.17.001]
details...
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Review the Juniper advisory JSA74298 and apply the necessary updates. | Juniper |
| 1916 | FBI and CISA Release Advisory on Scattered Spider Group. [Published Date: 2023-11-16]
[Id:2023.11.16.001]
details...
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) on Scattered Spider"a cybercriminal group targeting commercial facilities sectors and subsectors. The advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations as recently as November 2023. Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs. FBI and CISA encourage network defenders and critical infrastructure organizations to review the joint CSA for recommended mitigations to reduce the likelihood and impact of a cyberattack by Scattered Spider actors. | CISA |
| 1917 | Citrix Releases Security Updates for Citrix Hypervisor. [Published Date: 2023-11-16]
[Id:2023.11.16.002]
details...
| Citrix |
| 1918 | CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware. [Published Date: 2023-11-15]
[Id:2023.11.15.001]
details...
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection methods, and tactics, techniques, and procedures (TTPs) identified through investigations as recently as September 2023. Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised organizations in education, manufacturing, information technology, and government sectors and any ransom paid is split between the group and affiliates. Rhysida actors leverage external-facing remote services, such as virtual private networks (VPNs), Zerologon vulnerability (CVE-2020-1472), and phishing campaigns to gain initial access and persistence within a network. Review the joint CSA for recommended mitigations to reduce the likelihood and impact of Rhysida and other ransomware incidents. | CISA |
| 1919 | VMware Releases Security Update for Cloud Director Appliance. [Published Date: 2023-11-14]
[Id:2023.11.14.001]
details...
VMware has released a security advisory addressing a vulnerability in VMWare Cloud Director Appliance. Cyber threat actors may exploit this vulnerability to take control of an affected system. Review the following VMware security advisory and apply the recommended updates: | Vmware |
| 1920 | Fortinet Releases Security Updates for FortiClient and FortiGate. [Published Date: 2023-11-14]
[Id:2023.11.14.002]
details...
Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber threat actors may exploit some of these vulnerabilities to take control of an affected system. Review the following Fortinet security advisories and apply the recommended updates: | Fortinet |
| 1921 | Microsoft Releases October 2023 Security Updates. [Published Date: 2023-11-14]
[Id:2023.11.14.003]
details...
Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. Review Microsoft’s November 2023 Security Update Guide and apply the necessary updates. | Microsoft |
| 1922 | Adobe Releases Security Updates for Multiple Products. [Published Date: 2023-11-14]
[Id:2023.11.14.004]
details...
Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of the affected system. Review the following advisories and apply the necessary updates. | Adobe |
| 1923 | Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-11-14]
[Id:2023.11.14.005]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.159 for Mac and Linux and Mac and prior to 119.0.6045.159/.160 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution. Review the Google security bulletins and apply the necessary updates. | Google |
| 1924 | A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution. [Published Date: 2023-11-13]
[Id:2023.11.13.001]
details...
Google has released security updates to address a vulnerability affecting Chrome versions prior to 119.0.6045.123 for Mac and Linux and to 119.0.6045.123/.124 for Windows. A malicious cyber actor can exploit the vulnerabilities, allowing for arbitrary code execution. Review the Google security bulletins and apply the necessary updates. | Google |
| 1925 | RedHat Linux published a security update for Squid and Squid34. [Published Date: 2023-11-13]
[Id:2023.11.13.002]
details...
RedHat Linux published a security update for vulnerability (CVE-2023-46847) for Squid and Squid34. Exploiting the vulnerability, an attacker can access those systems and cause a denial-of-service (DoS). Review the advisory for Squid and Squid34 and apply the necessary updates. | Red Hat |
| 1926 | CISA Releases Update to Royal Ransomware Advisory. [Published Date: 2023-11-13]
[Id:2023.11.13.003]
details...
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an update to joint Cybersecurity Advisory (CSA) Royal Ransomware. The updated advisory provides network defenders with additional information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as June 2023. Royal ransomware attacks have spread across numerous critical infrastructure sectors, including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH), and education. Review the updated CSA advisory and apply the included mitigations. | CISA |
| 1927 | Atlassian released a security advisory to address a vulneribility affecting Confluence Data Center and Server [Published Date: 2023-11-05]
[Id:2023.11.05.001]
details...
| Atlassian |
| 1928 | Cisco released security advisories for vulnerabilities affecting multiple Cisco products [Published Date: 2023-11-05]
[Id:2023.11.05.002]
details...
Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review the following advisories and apply the necessary updates: | Cisco |
| 1929 | Vulnerability in IBM Java SDK and IBM Java Runtime affects IBM Db2. [Published Date: 2023-11-03]
[Id:2023.11.03.001]
details...
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. Review the IBM security advisory and apply the necessary updates or mitigations. | IBM |
| 1930 | Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-10-31]
[Id:2023.10.31.001]
details...
Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.105 for Linux and Mac and 119.0.6045.105/.106 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution. Review the Google security bulletins and apply the necessary updates. | Google |
| 1931 | VMware Releases Advisory for VMware Tools Vulnerabilities. [Published Date: 2023-10-30]
[Id:2023.10.30.001]
details...
VMware released a security advisory addressing multiple vulnerabilities (CVE-2023-34057, CVE-2023-34058) in VMware Tools. A cyber actor could exploit one of these vulnerabilities to take control of an affected system. Review the VMware advisory VMSA-2023-0024 and apply the necessary updates. | Vmware |
| 1932 | Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server. [Published Date: 2023-10-30]
[Id:2023.10.30.002]
details...
IBM released a security advisory addressing multiple vulnerabilities (CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38720, CVE-2023-33850, CVE-2023-40374, CVE-2023-38728, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597) in Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server. Review the IBM advisory and apply the necessary updates. | IBM |
| 1933 | F5 BIG-IP Configuration utility authenticated SQL injection vulnerability. [Published Date: 2023-10-27]
[Id:2023.10.27.001]
details...
F5 has released security updates to address BIG-IP Configuration utility authenticated SQL injection vulnerability. This critical vulnerability (CVE-2023-46748) may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only. Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations. | F5 |
| 1934 | BIG-IP Critical Configuration Utility vulnerability. [Published Date: 2023-10-26]
[Id:2023.10.26.001]
details...
F5 has released security updates to address BIG-IP Configuration Utility vulnerability. This critical vulnerability (CVE-2023-46747) may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations. | F5 |
| 1935 | F5 BIG-IP Configuration utility unauthenticated remote code execution vulnerability. [Published Date: 2023-10-26]
[Id:2023.10.26.002]
details...
F5 has released security updates to address BIG-IP Configuration utility unauthenticated remote code execution vulnerability. This critical vulnerability (CVE-2023-46747) may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only. Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations. | F5 |
| 1936 | Critical VMware vCenter Server and Cloud Foundation. [Published Date: 2023-10-25]
[Id:2023.10.25.001]
details...
VMware has released security updates to address vulnerabilities CVE-2023-34048 and CVE-2023-34056 in VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation). A malicious actor with network access to vCenter Server may trigger an out-of-bounds write, potentially leading to remote code execution. Review VMware Security Advisories for updates or apply the necessary mitigations. | Vmware |
| 1937 | Apple Releases Security Updates for iOS and iPadOS. [Published Date: 2023-10-25]
[Id:2023.10.25.002]
details...
Multiple vulnerabilities have been discovered in the following Apple products iOS 16.7.2, iOS 17.1, macOS Monterey 12.7.1, macOS Sonoma 14.1, macOS Ventura 13.6.1, Safari 17.1, tvOS 17.1, watchOS 10.1, iOS 15.8 and iPadOS 15.8. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Review the advisory and apply the necessary updates: iOS 16.7.2, iOS 17.1, macOS Monterey 12.7.1, macOS Sonoma 14.1, macOS Ventura 13.6.1, Safari 17.1, tvOS 17.1, watchOS 10.1, iOS 15.8 and iPadOS 15.8. | Apple |
| 1938 | Multiple Vulnerabilities in Mozilla Products. [Published Date: 2023-10-24]
[Id:2023.10.24.001]
details...
Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Mozilla Thunderbird is an email client. A cyber threat actor could exploit this vulnerability for Arbitrary Code Execution. Review Mozilla's security advisory (MFSA 2023-48, MFSA 2023-47, MFSA 2023-46, MFSA 2023-45) and apply necessary updates. | Mozilla |
| 1939 | CISA, FBI, and MS-ISAC Release Joint Advisory on Atlassian Confluence Vulnerability CVE-2023-22515. [Published Date: 2023-10-17]
[Id:2023.10.17.001]
details...
USA CISA (Cybersecurity and Infrastructure Security Agency), the Federal Bureau of Investigation (FBI), and the USA Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of the Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts. The advisory strongly encourages upgrading to a fixed version or taking servers offline to apply necessary updates. For upgrade instructions, a complete list of affected product versions, and indicators of compromise, see Atlassian’s security advisory | Atlassian |
| 1940 | Oracle Critical Patches Issued October 2023. [Published Date: 2023-10-17]
[Id:2023.10.17.002]
details...
Oracle Critical Patches Issued to address vulnerabilities across multiple products, including MySQL Server, Oracle Database Server, Oracle Enterprize Manager, Web Logic Server, etc. A remote attacker could exploit some of these vulnerabilities, allowing remote code execution. Review the Oracle October 2023 Critical Patch Update and apply the necessary updates. | Oracle |
| 1941 | Jira Service Management Server and Data Center patch. [Published Date: 2023-10-17]
[Id:2023.10.17.003]
details...
Certain versions of Jira Service Management Server & Data Center were affected by CVE-2019-13990. The affected versions contained vulnerable versions of Terracotta Quartz Scheduler which allowed authenticated attackers to initiate an XML External Entity injection attack using job descriptions. Review the Jira Service Management Server & Data Center Patch Update and apply the necessary updates. | Jira |
| 1942 | Cisco Releases Security Advisory for IOS XE Software Web UI. [Published Date: 2023-10-16]
[Id:2023.10.16.001]
details...
Cisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor can exploit this vulnerability to take control of an affected device. Review the Cisco security advisory, apply the necessary recommendations, hunt for any malicious activity, and apply patches when made available. | Cisco |
| 1943 | HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487. [Published Date: 2023-10-11]
[Id:2023.10.11.001]
details...
Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. Organizations that provide HTTP/2 services apply patches when available and consider configuration changes and other mitigations discussed in the references below. For more information on Rapid Reset, see: | IETF |
| 1944 | Citrix Releases Security Updates for Multiple Products. [Published Date: 2023-10-10]
[Id:2023.10.10.001]
details...
Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities take control of an affected system. Review the following Citrix security bulletins and apply the necessary updates: | Citrix |
| 1945 | Microsoft Releases October 2023 Security Updates. [Published Date: 2023-10-10]
[Id:2023.10.10.002]
details...
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. Review Microsoft’s October 2023 Security Update Guide and apply the necessary updates. | Microsoft |
| 1946 | Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code. [Published Date: 2023-10-10]
[Id:2023.10.10.003]
details...
Adobe has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities and can run arbitrary code execution. Review the following Adobe security bulletins and apply the necessary updates: | Adobe |
| 1947 | Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-10-10]
[Id:2023.10.10.004]
details...
Google has released security updates to address vulnerabilities affecting Chrome versions prior to118.0.5993.70 for Mac and Linux and 118.0.5993.70/.71 for Windows. A malicious cyber actor can exploit one of these vulnerabilities to take control of an affected system. | Google |
| 1948 | Fortinet Releases Security Updates for Multiple Products. [Published Date: 2023-10-10]
[Id:2023.10.10.005]
details...
Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems. Review the following Fortinet security advisories and apply the recommended updates: - FG-IR-23-189: FortiManager, FortiAnalyzer -" Path traversal via unrestricted file upload
- FG-IR-23-062: FortiManager -" Improper inter ADOM access control
- FG-IR-23-167: FortiManager, FortiAnalyzer -" OS command injection
- FG-IR-22-352: FortiManager, FortiAnalyzer, FortiADC -" Command injection due to an unsafe usage of function
- FG-IR-23-318: FortiOS-" Improper authorization via prof-admin profile
- FG-IR-23-085: FortiSIEM - Multiple path traversal vulnerabilities
| Fortinet |
| 1949 | NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations. [Published Date: 2023-10-08]
[Id:2023.10.08.001]
details...
The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlights the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders. Read the Executive Assistant Director at CISA's blog post on the "Urgency for Software Manufacturers to Incorporate Secure by Design Principles." | CISA |
| 1950 | Apple Releases Security Updates for iOS and iPadOS. [Published Date: 2023-10-06]
[Id:2023.10.06.001]
details...
Apple has released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Review the following advisory and apply the necessary updates: iOS 17.0.3 and iPadOS 17.0.3. | Apple |
| 1951 | Cisco Releases Security Advisories for Multiple Products [Published Date: 2023-10-05]
[Id:2023.10.05.001]
details...
Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Review the following advisories and apply the necessary updates: | Cisco |
| 1952 | Atlassian Releases Security Advisory for Confluence Data Center and Server. [Published Date: 2023-10-05]
[Id:2023.10.05.002]
details...
| Atlassian |
| 1953 | Critical Vulnerabilities in Progress WS_FTP Server Software. [Published Date: 2023-09-30]
[Id:2023.09.30.001]
details...
Progress Software released an advisory announcing multiple vulnerabilities in its enterprise-grade WS_FTP Server secure file transfer software. Two vulnerabilities, identified by CVE-2023-40044 and CVE-2023-42657, are rated as critical (CVSS Max 10.0). These flaws expose systems to unauthenticated remote command execution and directory traversal attacks. | progress |
| 1954 | Mozilla Releases Security Updates for Multiple Products [Published Date: 2023-09-29]
[Id:2023.09.29.001]
details...
Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, Firefox Focus for Android, and Firefox for Android. A cyber threat actor can exploit this vulnerability to take control of an affected system. | Mozilla |
| 1955 | An update for the nodejs:18 for Red Hat [Published Date: 2023-09-29]
[Id:2023.09.29.003]
details...
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8, and Red Hat Enterprise Linux 9,. Red Hat Product Security has rated this update as having a security impact of Important (CVSS Max 9.8),. This update fixes CVE-2023-32559,, CVE-2023-32006,, CVE-2023-32002,, CVE-2022-25883,. | Red Hat |
| 1956 | An update for the nodejs:16 for Red Hat [Published Date: 2023-09-29]
[Id:2023.09.29.004]
details...
| Red Hat |
| 1957 | Cisco Releases Security Advisories for Multiple Products [Published Date: 2023-09-28]
[Id:2023.09.28.001]
details...
Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. | Cisco |
| 1958 | Mozilla Releases Security Advisories for Thunderbird and Firefox [Published Date: 2023-09-27]
[Id:2023.09.27.001]
details...
| Mozilla |
| 1959 | Multiple Vulnerabilities in Cisco Catalyst SD-WAN Manager Could Allow for Unauthorized Access [Published Date: 2023-09-27]
[Id:2023.09.27.002]
details...
Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN Manager 20.3 - 20.12, the most severe of which could allow for unauthorized access to the targeted host. Exploiting the most severe of these vulnerabilities could allow for unauthorized access. An attacker could install programs, view, change, delete data or create new accounts with full user rights. | Cisco |
| 1960 | Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution [Published Date: 2023-09-27]
[Id:2023.09.27.003]
details...
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. By exploiting those vulnerabilities, an attacker could install programs, view, change, delete data, or create new accounts with full user rights. | Google |
| 1961 | Apple Releases Security Updates for Multiple Products [Published Date: 2023-09-22]
[Id:2023.09.22.001]
details...
Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. | Apple |
| 1962 | ISC Releases Security Advisories for BIND 9 [Published Date: 2023-09-20]
[Id:2023.09.20.001]
details...
The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions. | ISC |
| 1963 | Drupal Releases Security Advisory to Address Vulnerability in Drupal Core [Published Date: 2023-09-20]
[Id:2023.09.20.002]
details...
Drupal has released a security advisory to address a vulnerability affecting multiple Drupal versions. A malicious cyber actor could exploit this vulnerability to take control of an affected system. | Drupal |
| 1964 | GitLab Issues Updates for Critical Flaw [Published Date: 2023-09-20]
[Id:2023.09.20.003]
details...
GitLab versions 13.12 before 16.2.7 and 16.3 before 16.3.4 are vulnerable if you have both direct transfers and security policies enabled. While this can be mitigated by turning one of those features off, the better fix is to update to a more current version. | Gitlab |
| 1965 | Multiple Junos OS Vulnerabilities [Published Date: 2023-09-19]
[Id:2023.09.19.001]
details...
Juniper Networks has released fixes to address several vulnerabilities. These vulnerabilities could potentially be chained together to allow unauthorized remote code execution (RCE) on SRX and EX series devices. Also, a VulnCheck vulnerability researcher released another PoC exploit that only utilizes one of the vulnerabilities, bypassing the need to upload files while still achieving remote code execution. | juniper |
| 1966 | 3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability [Published Date: 2023-09-19]
[Id:2023.09.19.002]
details...
Trend Micro has released new patches and hotfixes for Trend Micro Apex One (on-premise and SaaS), Worry-Free Business Security and Worry-Free Business Security Services (SaaS) that resolves a vulnerability in the 3rd party AV uninstaller module that is provided with the endpoint products. Trend Micro said that a successful exploitation of the flaw could allow an attacker to manipulate the component to execute arbitrary commands on an affected installation. However, it requires that the adversary already has administrative console access on the target system. Trend Micro has observed at least one active attempt of potential attacks against this vulnerability in the wild (ITW). Customers are strongly encouraged to update to the latest versions as soon as possible. | Trendmicro |
| 1967 | Atlassian Releases September Security Bulletin [Published Date: 2023-09-19]
[Id:2023.09.19.003]
details...
Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products. A malicious cyber actor could exploit some of these vulnerabilities to take control of an affected system. | Atlassian |
| 1968 | Fortinet Releases Security Updates for Multiple Products [Published Date: 2023-09-13]
[Id:2023.09.13.001]
details...
Fortinet has released security updates to address vulnerabilities (CVE-2023-29183 and CVE-2023-34984) affecting FortiOS, FortiProxy, and FortiWeb. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. | Fortinet |
| 1969 | Palo Alto Networks has released a security update to address a vulnerability in PAN-OS [Published Date: 2023-09-13]
[Id:2023.09.13.002]
details...
Palo Alto Networks has released a security update to address a vulnerability in PAN-OS BGP software such as FRRouting FRR included as part of the PAN-OS virtual routing feature enables a remote attacker to reset network sessions through an invalid BGP update incorrectly. This issue is applicable only to firewalls configured with virtual routers that have BGP enabled. | Palo Alto Networks |
| 1970 | Adobe Releases Security Updates for Multiple Products [Published Date: 2023-09-12]
[Id:2023.09.12.001]
details...
Adobe has released security updates to address vulnerabilities (CVSS 5.4 to 7.6 (Max)) affecting Adobe software (including Adobe Acrobat and Reader). A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system: | Adobe |
| 1971 | Mozilla Releases Security Updates for Multiple Products [Published Date: 2023-09-12]
[Id:2023.09.12.002]
details...
Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Thunderbird. A cyber threat actor can exploit this vulnerability to take control of an affected system. | Mozilla |
| 1972 | Microsoft Releases September 2023 Updates [Published Date: 2023-09-11]
[Id:2023.09.11.001]
details...
Microsoft has released updates to address multiple vulnerabilities (including Microsoft Exchange Server 2016, Microsoft System Center, .NET Framework, Microsoft Office, Windows DHCP Server, Windows TCP/IP, etc.) in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities (*CVSS 5.5 to 8.8) to take control of an affected system. | Microsoft |
| 1973 | Apple Releases Security Updates for iOS and macOS [Published Date: 2023-09-11]
[Id:2023.09.11.002]
details...
Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device: | Apple |
| 1974 | Google Releases Security Updates for Google Chrome [Published Date: 2023-09-11]
[Id:2023.09.11.003]
details...
Google has released security updates to address a vulnerability affecting Google Chrome. A cyber threat actor can exploit the vulnerability, allowing for arbitrary code execution. | Google |
| 1975 | Microsoft Releases August 2023 Security Updates [Published Date: 2023-08-17]
[Id:2023.08.17.001]
details...
Microsoft has released updates to address multiple vulnerabilities (*CVSS:4.5 to 9.8) with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities in Microsoft software (including Microsoft Exchange Server 2016, Microsoft Office, Microsoft Edge, SQL Server, Hyper-V, etc.). An attacker can exploit some of these vulnerabilities to take control of an affected system... | Microsoft |
| 1976 | Fortinet Releases Security Update for FortiOS [Published Date: 2023-08-17]
[Id:2023.08.17.002]
details...
Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system. | Fortinet |
| 1977 | Adobe Releases Security Updates for Multiple Products [Published Date: 2023-08-08]
[Id:2023.08.08.001]
details...
Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system: - Adobe Acrobat and Reader: APSB23-30
- Adobe Commerce: APSB23-42
- Adobe Dimension: APSB23-44
- Adobe XMP Toolkit SDK: APSB23-45
| Adobe |
| 1978 | Update Situational Alert on Cyber Threats [Published Date: 2023-08-08]
[Id:2023.08.08.002]
details...
This report serves as an update to the ‘SITUATIONAL ALERT ON CYBER THREATS’ issued on 4th August. It provides an Indicator of Compromise (IOC) list which organizations may use for their preventive security measures... | BDNCIRT |
| 1979 | Situational Alert on Cyber Threats [Published Date: 2023-08-04]
[Id:2023.08.04.001]
details...
In a response to a declaration made by some religious and ideologically motivated underground hacker groups on 31st July to launch as they mentioned a storm of cyber-attacks against Bangladesh cyberspace on next 15th August, Bangladesh Government's Computer Incident Response Team (BGD e-GOV CIRT) is releasing this alert to warn critical information infrastructures (CII), banks and financial institutions, health care and all sorts of government and private organizations of the possible conducted cyber-attacks by the groups that may disrupt IT operations and businesses.... | BDNCIRT |
| 1980 | Regarding Strengthening Cyber Security of All Banks/FIs operating in Bangladesh [Published Date: 2023-08-02]
[Id:2023.08.02.001]
details...
Considering the recent increase in cyber incidents, there is possibility of cyber attacks in any Banks/FIS operating in Bangladesh. It is important to take securiry measures to deal with any such cyber attack. | Bangladesh Bank |
| 1981 | Security update for java-1.8.0-IBM is now available for RHEL 8. [Published Date: 2023-07-17]
[Id:2023.07.17.001]
details...
| Red Hat |
| 1982 | Zimbra has warned of a critical zero-day security flaw in its email software. [Published Date: 2023-07-14]
[Id:2023.07.14.001]
details...
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the company said in an advisory.It also said that the issue has been addressed and is expected to be delivered in the July patch release. Additional details about the flaw are currently unavailable. In the interim, it urges customers to apply a manual fix to eliminate the attack vector. | Zimbra |
| 1983 | Cisco Releases Security Update for SD-WAN vManage [Published Date: 2023-07-12]
[Id:2023.07.12.001]
details...
Cisco has released a security update to address a critical vulnerability(CVSS Base: 9.1) affecting SD-WAN vManage API. A remote attacker can exploit this vulnerability to take control of an affected system. Review the Cisco security release Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability and apply the necessary updates. | Cisco |
| 1984 | Juniper Releases Multiple Security Updates for Juno OS. [Published Date: 2023-07-12]
[Id:2023.07.12.002]
details...
Juniper has released updates to address multiple vulnerabilities in Juno OS. An attacker can exploit some of these vulnerabilities to take control of an affected system. | Juniper |
| 1985 | Microsoft Releases July 2023 Security Updates [Published Date: 2023-07-11]
[Id:2023.07.11.001]
details...
Microsoft has released updates to address multiple vulnerabilities (CVSS: Max 9.8) in Microsoft software. (like Windows Message Queuing, DNS Server, Windows Cluster Server, Windows Server Update Service, Windows Failover Cluster, Windows Certificates, Windows Active Directory Certificate Services, etc.) An attacker can exploit some of these vulnerabilities to take control of an affected system.... Microsoft's July 2023 Security Update | Guide and Deployment Information | Microsoft |
| 1986 | Fortinet Releases Security Update for FortiOS and FortiProxy [Published Date: 2023-07-11]
[Id:2023.07.11.002]
details...
| Fortinet |
| 1987 | Press Release July 08 2023: Alert from CIRT [Published Date: 2023-07-09]
[Id:2023.07.09.001]
details...
| BDNCIRT |
| 1988 | Press Release: Situational Alert on Cyber Threats from CIRT, June 2023 [Published Date: 2023-06-27]
[Id:2023.06.27.001]
details...
| BDNCIRT |
| 1989 | Press release April 2023: Situational Security Alerts from CIRT [Published Date: 2023-04-21]
[Id:2023.04.21.001]
details...
| BDNCIRT |
| 1990 | Security best practices [Published Date: 2023-03-29]
[Id:2023.03.29.001]
details...
Password Policy best practices Create a strong, complex and long password. Use multi-factor authentication for login where possible. Avoid save password in browser. Generic best practices Do not install additional software or server roles on DCs Implement patch management. Use secure DNS services to block malicious domains Ensure business continuity... View Post | BDNCIRT |
| 1991 | Dropbox discloses breach after hacker stole 130 GitHub repositories [Published Date: 2022-11-02]
[Id:2022.11.02.001]
details...
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack... View Post | BDNCIRT |
| 1992 | ABOUT “BLUEBLEED”SERVICE AND THE VULNERABILITY OF MICROSOFT AWS SERVERS [Published Date: 2022-10-20]
[Id:2022.10.20.001]
details...
Attack info: First seen 2022-09-24 • Last seen 2022-10-19 On October 19, 2022, Socradar announced a vulnerability they discovered in several misconfigured Microsoft AWS servers... View Post | BDNCIRT |
| 1993 | CVE-2022-41352: Remote Code Execution Vulnerability in Zimbra Collaboration Suite CVSS 3.0: 9.8 (Critical) [Published Date: 2022-10-16]
[Id:2022.10.16.001]
details...
Vulnerability Description An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that... View Post | BDNCIRT |
| 1994 | Magniber ransomware now infects Windows users via JavaScript files [Published Date: 2022-10-16]
[Id:2022.10.16.002]
details...
A recent malicious campaign delivering Magniber ransomware has been targeting Windows home users with fake security updates... View Post
| BDNCIRT |
| 1995 | New PHP information-stealing malware targets Facebook accounts [Published Date: 2022-10-16]
[Id:2022.10.16.003]
details...
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets... View Post | BDNCIRT |
| 1996 | An update for Red Hat Data Grid 8 is now available
[Id:2023.09.29.002]
details...
| Red Hat |