Ubuntu Security Advisory. [Published Date: 2024-10-21]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS

HPE Security Advisory. [Published Date: 2024-10-18]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE Cray EX235a Accelerator Blade - versions prior to v1.9.0 (HFP 24.9)
• HPE Cray EX235n Server - versions prior to v1.5.0 (HFP 24.9)
• HPE Cray EX255a Accelerator Blade - versions prior to v1.1.0 (HFP 24.8.1)
• HPE Cray EX425 Compute Blade - versions prior to v1.7.5 (HFP 24.9)
• HPE Cray EX4252 Compute Blade - versions prior to v1.7.0 (HFP 24.8.1)
• HPE ProLiant XL645d Gen10 Plus Server - versions prior to v3.20_08-07-2024
• HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.20_08-07-2024

Microsoft Edge Security Advisory. [Published Date: 2024-10-17]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 130.0.2849.46.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

F5 Security Advisory. [Published Date: 2024-10-16]

F5 published security updates address vulnerabilities in BIG-IP (all modules) - versions 17.1.0 to 17.1.1, 16.1.0 to 16.1.4, and 15.1.0 to 15.1.1.0

Review the F5 Security Advisories and apply the necessary updates.

Cisco Security Advisory. [Published Date: 2024-10-16]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Cisco ATA 191 Analog Telephone Adapter - version 12.0.1 and prior
• Cisco ATA 191 and 192 Multiplatform Analog Telephone Adapter - version 11.2.4 and prior

SolarWinds Security Advisory. [Published Date: 2024-10-16]

SolarWinds published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• Serv-U FTP - version 15.4.2 and prior
• SolarWinds Platform - version 2024.2.1 and prior
• SolarWinds Web Help Desk - versions 12.8.3 HF2 and prior

• Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability (CVE-2024-45711)
• SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability (CVE-2024-45710)
• SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability (CVE-2024-28988)

VMware Security Advisory. [Published Date: 2024-10-16]

VMware released a security advisory to address multiple vulnerabilities in VMWare HCX - versions 4.8.x, 4.9.x, and 4.10.x.

Review VMware security advisory VMSA-2024-0021 and apply the necessary updates.

Google Chrome Security Advisory. [Published Date: 2024-10-15]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 130.0.6723.58 for Linux and prior to 130.0.6723.58/.59 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Oracle security advisory - October 2024. [Published Date: 2024-10-15]

Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:

• Autonomous Health Framework, versions prior to 24.9
• GoldenGate Stream Analytics, versions 19.1.0.0.0-19.1.0.0.9
• Management Cloud Engine, version 24.1.0.0.0
• MySQL Client, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
• MySQL Cluster, versions 7.5.35 and prior, 7.6.31 and prior, 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
• MySQL Connectors, versions 9.0.0 and prior
• MySQL Enterprise Backup, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
• MySQL Enterprise Monitor, versions 8.0.39 and prior
• MySQL Server, versions 8.0.39 and prior, 8.4.2 and prior, 9.0.1 and prior
• MySQL Shell, versions 8.0.38 and prior, 8.4.1 and prior, 9.0.1 and prior
• MySQL Workbench, versions 8.0.38 and prior
• Oracle Access Manager, version 12.2.1.4.0
• Oracle Agile PLM, version 9.3.6
• Oracle Application Express, versions 23.1, 23.2, 24.1
• Oracle Application Testing Suite, version 13.3.0.1
• Oracle Autovue for Agile Product Lifecycle Management, version 21.1.0
• Oracle Banking APIs, versions 19.2.0.0.0, 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0
• Oracle Banking Cash Management, versions 14.7.4.0.0, 14.7.5.0.0
• Oracle Banking Corporate Lending Process Management, versions 14.4.0.0.0, 14.5.0.0.0, 14.6.0.0.0, 14.7.0.0.0
• Oracle Banking Digital Experience, versions 19.2.0.0.0, 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0
• Oracle Banking Liquidity Management, versions 14.5.0.12.0, 14.7.0.6.0, 14.7.4.0.0, 14.7.5.0.0
• Oracle Banking Supply Chain Finance, versions 14.7.4.0.0, 14.7.5.0.0
• Oracle BI Publisher, versions 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0
• Oracle Blockchain Platform, version 21.1.2
• Oracle Business Activity Monitoring, version 12.2.1.4.0
• Oracle Business Intelligence Enterprise Edition, versions 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0
• Oracle Business Process Management Suite, version 12.2.1.4.0
• Oracle Commerce Guided Search, versions 11.3.2, 11.4.0
• Oracle Commerce Platform, versions 11.3.0, 11.3.1, 11.3.2
• Oracle Communications ASAP, version 7.4.3.0.2
• Oracle Communications Cloud Native Core Automated Test Suite, versions 23.4.3, 23.4.4, 24.1.1, 24.2.2
• Oracle Communications Cloud Native Core Binding Support Function, versions 23.4.0-23.4.5
• Oracle Communications Cloud Native Core Certificate Management, versions 23.4.2, 23.4.3, 24.2.0
• Oracle Communications Cloud Native Core Console, versions 23.4.2, 24.2.0
• Oracle Communications Cloud Native Core DBTier, versions 24.1.0, 24.2.0
• Oracle Communications Cloud Native Core Network Function Cloud Native Environment, versions 23.4.0, 24.1.0-24.2.0
• Oracle Communications Cloud Native Core Network Repository Function, versions 23.4.4, 24.2.1
• Oracle Communications Cloud Native Core Network Slice Selection Function, versions 24.2.0, 24.2.1
• Oracle Communications Cloud Native Core Policy, versions 23.4.0-23.4.6
• Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 23.4.2, 24.2.0
• Oracle Communications Cloud Native Core Service Communication Proxy, versions 23.4.0, 24.1.0, 24.2.0
• Oracle Communications Cloud Native Core Unified Data Repository, version 24.2.0
• Oracle Communications Convergent Charging Controller, versions 6.0.1.0.0, 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0
• Oracle Communications Core Session Manager, version 9.1.5
• Oracle Communications EAGLE Application Processor, version 17.0.1
• Oracle Communications IP Service Activator, versions 7.4.0, 7.5.0
• Oracle Communications LSMS, version 14.0.0.1
• Oracle Communications Messaging Server, version 8.1
• Oracle Communications Network Analytics Data Director, versions 23.4.0, 24.1.0, 24.2.0
• Oracle Communications Network Charging and Control, versions 6.0.1.0.0, 12.0.1.0.0-12.0.6.0.0, 15.0.0.0.0
• Oracle Communications Operations Monitor, versions 5.1, 5.2
• Oracle Communications Order and Service Management, versions 7.4.0, 7.4.1, 7.5.0
• Oracle Communications Performance Intelligence Center, versions prior to 10.4.0.4
• Oracle Communications Policy Management, versions 12.6.1.0.0, 15.0.0.0.0
• Oracle Communications Session Border Controller, versions 9.1.0, 9.2.0, 9.3.0
• Oracle Communications Unified Assurance, versions 5.5.0-5.5.22, 6.0.0-6.0.5
• Oracle Communications User Data Repository, versions 12.11.0, 14.0
• Oracle Data Integrator, version 12.2.1.4.0
• Oracle Database Server, versions 19.3-19.24, 21.3-21.15, 23.4-23.5
• Oracle E-Business Suite, versions 12.2.3-12.2.14, [ECC] 11-13
• Oracle Enterprise Communications Broker, versions 4.1.0, 4.2.0
• Oracle Enterprise Data Quality, version 12.2.1.4.0
• Oracle Enterprise Manager Base Platform, versions 12.2.1.4.0, 13.5.0.0
• Oracle Enterprise Manager for Fusion Middleware, version 12.2.1.4.0
• Oracle Enterprise Manager for Peoplesoft, version 13.5.1.1.0
• Oracle Enterprise Manager Fusion Middleware Control, version 12.2.1.4.0
• Oracle Enterprise Operations Monitor, versions 5.1, 5.2
• Oracle Essbase, version 21.6
• Oracle Financial Services Compliance Studio, versions 8.1.2.7, 8.1.2.8
• Oracle Financial Services Revenue Management and Billing, versions 3.0.0.0.0, 4.0.0.0.0, 5.0.0.0.0
• Oracle Global Lifecycle Management FMW Installer, version 12.2.1.4.0
• Oracle GoldenGate Big Data and Application Adapters, versions 19.1.0.0.0-19.1.0.0.9
• Oracle GraalVM Enterprise Edition, versions 20.3.15, 21.3.11
• Oracle GraalVM for JDK, versions 17.0.12, 21.0.4, 23
• Oracle Graph Server and Client, versions 23.4.3, 24.3.0
• Oracle Hospitality Cruise Shipboard Property Management System, version 23.1.3
• Oracle Hospitality OPERA 5, versions 5.6.19.19, 5.6.25.8, 5.6.26.4
• Oracle Hospitality Simphony, versions 19.1.0-19.6.2
• Oracle HTTP Server, versions 12.2.1.4.0, 14.1.1.0.0
• Oracle Hyperion BI+, version 11.2.18.0.0
• Oracle Hyperion Financial Management, version 11.2.18.0.0
• Oracle Hyperion Infrastructure Technology, version 11.2.18.0.0
• Oracle Identity Manager Connector, versions 11.1.1.5.0, 12.2.1.3.0
• Oracle Java SE, versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23
• Oracle Managed File Transfer, version 12.2.1.4.0
• Oracle Middleware Common Libraries and Tools, version 12.2.1.4.0
• Oracle NoSQL Database, versions 1.5.0, 20.3.40, 21.2.71, 22.3.45, 23.3.33, 24.1.17
• Oracle Outside In Technology, version 8.5.7
• Oracle Retail Customer Management and Segmentation Foundation, version 19.0.0.10
• Oracle Retail EFTLink, versions 20.0.1, 21.0.0, 22.0.0, 23.0.0
• Oracle SD-WAN Aware, version 9.0.1.10.0
• Oracle SD-WAN Edge, versions 9.1.1.3.0, 9.1.1.5.0-9.1.1.8.0, 9.1.1.9.0
• Oracle Secure Backup, versions 18.1.0.1.0, 18.1.0.2.0, 19.1.0.0.0
• Oracle Service Bus, version 12.2.1.4.0
• Oracle Solaris Cluster, version 4
• Oracle SQL Developer, versions 23.1.0, 24.3.0
• Oracle Utilities Application Framework, versions 4.0.0.0.0, 4.0.0.2.0, 4.0.0.3.0, 4.3.0.3.0-4.3.0.6.0, 4.5.0.0.0
• Oracle Utilities Network Management System, versions 2.3.0.2.34, 2.4.0.1.25, 2.5.0.1.14, 2.5.0.2.8, 2.6.0.1.5
• Oracle VM VirtualBox, versions prior to 7.0.22, prior to 7.1.2
• Oracle WebCenter Forms Recognition, version 14.1.1.0.0
• Oracle WebCenter Portal, version 12.2.1.4.0
• Oracle WebCenter Sites, version 12.2.1.4.0
• Oracle WebLogic Server, versions 12.2.1.4.0, 14.1.1.0.0
• PeopleSoft Enterprise CC Common Application Objects, version 9.2
• PeopleSoft Enterprise ELM Enterprise Learning Management, version 9.2
• PeopleSoft Enterprise FIN Expenses, version 9.2
• PeopleSoft Enterprise HCM Global Payroll Core, versions 9.2.48-9.2.50
• PeopleSoft Enterprise PeopleTools, versions 8.59, 8.60, 8.61
• Siebel Applications, versions 24.7 and prior

Atlassian Security Advisory. [Published Date: 2024-10-15]

Atlassian published security advisories to address vulnerabilities in the following products:

• Bitbucket Data Center and Server - multiple versions
• Confluence Data Center and Server - multiple versions
• Jira Service Management Data Center and Server - multiple versions

Mozilla Security Advisory. [Published Date: 2024-10-14]

Mozilla published security advisories to address vulnerabilities Firefox - versions prior to 131.0.3.

Review the Mozilla security bulletins and apply the necessary updates.

Dell Security Advisory. [Published Date: 2024-10-13]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• GeoDrive for Windows - versions prior to 2.3.3
• NetWorker - versions 19.10 to 19.10.0.4, versions 19.11 to 19.11.0.1, versions 19.8 to 19.8.0.4, versions 19.9 to 19.9.0.7 and versions prior to 19.8

• DSA-2024-418: Security Update for Dell GeoDrive Multiple Third-Party Component Vulnerabilities
• DSA-2024-423: Security Update for Dell NetWorker And NetWorker Management Console (NMC) Multiple Component Vulnerabilities

IBM Security Advisory. [Published Date: 2024-10-13]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• IBM Cloud Pak for AIOps - version 4.1.0 to 4.6.1
• IBM Engineering Systems Design Rhapsody - Model Manager - versions 7.0.2 and 7.0.3
• IBM Maximo Application Suite - AI Broker - versions 9.0.1
• IBM Maximo Application Suite - IoT Component - versions 8.7, 8.8 and 9.0
• IBM Security Verify Governance, Identity Manager software component - version ISVG 10.0.2
• IBM Security Verify Governance, Identity Manager virtual appliance component - version ISVG 10.0.2

Ubuntu Security Advisory. [Published Date: 2024-10-13]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 18.04 ESM
• Ubuntu 22.04 LTS

• USN-7020-4: Linux kernel vulnerabilities
• USN-7022-3: Linux kernel vulnerabilities

GitHub Security Advisory. [Published Date: 2024-10-10]

GitHub published a security advisory to address a critical vulnerability in the following products:

• GitLab Community Edition (CE) - versions prior to 17.4.2, 17.3.5 and 17.2.9
• GitLab Enterprise Edition (EE) - versions prior to 17.4.2, 17.3.5 and 17.2.9

SonicWall Security Advisory. [Published Date: 2024-10-10]

SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• SonicWall SMA1000 Connect Tunnel Windows (32 and 64-bit) Client - version 12.4.3.271 and prior
• SonicWall SMA1000 Appliance firmware - version 12.4.3-02676 and prior

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies. [Published Date: 2024-10-10]

Cyber threat actors leverage unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet-facing devices on the network. F5 BIG-IP is a suite of hardware and software solutions designed to manage and secure network traffic. A malicious cyber actor could leverage the information gathered from unencrypted persistence cookies to infer or identify additional network resources and potentially exploit vulnerabilities found in other devices present on the network.

Review the following article for details on how to configure the BIG-IP LTM system to encrypt HTTP cookies.

Mozilla Security Advisory. [Published Date: 2024-10-10]

Mozilla published security advisories to address vulnerabilities in the following products:

• Thunderbird - versions prior to 115.16
• Thunderbird - versions prior to 128.3.1
• Thunderbird - versions prior to 131.0.1

Microsoft Edge Security Advisory. [Published Date: 2024-10-10]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 129.0.2792.89 and Extended Stable - versions prior to 128.0.2739.113.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

GitHub Security Advisory. [Published Date: 2024-10-10]

GitHub published a security advisory to address a critical vulnerability in the following products:

• GitHub Enterprise Server - versions 3.14.x prior to 3.14.2
• GitHub Enterprise Server - versions 3.13.x prior to 3.13.5
• GitHub Enterprise Server - versions 3.12.x prior to 3.12.10
• GitHub Enterprise Server - versions 3.11.x prior to 3.11.16

• GitHub Release Notes #3.14.2
• GitHub Release Notes #3.13.5
• GitHub Release Notes #3.12.10
• GitHub Release Notes #3.11.16

Mozilla Security Advisory. [Published Date: 2024-10-09]

Mozilla published security advisories to address vulnerabilities in the following products:

• Firefox - versions prior to 131.0.2
• Firefox ESR - versions prior to 115.16.1
• Firefox ESR - versions prior to 128.3.1

Palo Alto Networks Security Advisory. [Published Date: 2024-10-09]

Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• Palo Alto Networks Expedition - versions prior to 1.2.96
• Palo Alto Prisma Access Browser - versions prior to 129.59.2896.5
• Palo Alto Networks PAN-OS - multiple versions

• Palo Alto Networks Security Advisories - PAN-SA-2024-0010
• Palo Alto Networks Security Advisories - PAN-SA-2024-0011
• Palo Alto Networks Security Advisories - CVE-2024-9468

Juniper Networks Security Advisory. [Published Date: 2024-10-09]

Juniper Networks published a security advisory to address a critical vulnerability in the following products:

• Juniper Session Smart Conductor - multiple versions
• Juniper Session Smart Router - multiple versions
• Juniper WAN Assurance Router - multiple versions

Mitel Security Advisory. [Published Date: 2024-10-09]

Mitel published security advisories to address vulnerabilities in MiCollab - versions 9.8 SP1 FP2 (9.8.1.201) and prior

Review the following advisories and apply the necessary updates:

• Mitel Security Advisory - 2024-0028
• Mitel Security Advisory - 2024-0029

Ivanti Security Advisory. [Published Date: 2024-10-08]

Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• Ivanti Connect Secure - versions prior to 22.7R2.1
• Ivanti Policy Secure - versions prior to 22.7R1.1
• Ivanti Avalanche - versions 6.4.2.313 and prior
• Ivanti EPMM (Core) - versions 12.1.0.3 and prior
• Ivanti CSA (Cloud Services Appliance) - versions 5.0.1 and prior

• Ivanti - Security patch release - Ivanti Connect Secure 22.7R2.1 and 22.7R1.1
• Ivanti - Security patch release - Ivanti Avalanche 6.4.2.313
• Ivanti - Security patch release - Ivanti EPMM (Core)
• Security Advisory Ivanti CSA (Cloud Services Appliance)

Adobe Security Advisory. [Published Date: 2024-10-08]

Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

• Adobe Animate 2023 - versions 23.0.7 and prior (Windows and MacOS)
• Adobe Animate 2024 - versions 24.0.4 and prior (Windows and MacOS)
• Acrobat Commerce - multiple versions
• Acrobat Commerce B2B - multiple versions
• Acrobat Dimension - version 4.0.3 and prior (Windows and MacOS)
• Adobe InCopy - versions 18.5.3 and prior (Windows and MacOS), versions 19.4 and prior (Windows and MacOS)
• Adobe InDesign - versions ID18.5.3 and prior (Windows and MacOS), versions ID19.4 and prior (Windows and MacOS)
• Adobe FrameMaker - versions 2020 Release Update 6 and prior (Windows), versions 2022 Release Update 4 and prior (Windows)
• Adobe Lightroom - versions 7.4.1 and prior
• Adobe Lightroom Classic - versions 13.5 and prior
• Adobe Lightroom Classic (LTS) - versions 12.5.1 and prior
• Adobe Substance 3D Stager - versions 3.0.3 and prior (Windows and MacOS)
• Magento Open Source - multiple versions

Microsoft October 2024 Security Updates. [Published Date: 2024-10-08]

Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

• .NET 6.0
• .NET 8.0
• Azure CLI
• Azure Monitor Agent
• Azure Service Connector
• Azure Service Fabric
• Azure Stack HCI 22H2
• Azure Stack HCI 23H2
• DeepSpeed
• Microsoft .NET Framework - multiple versions
• Microsoft .NET Framework
• Microsoft 365 Apps for Enterprise
• Microsoft Configuration Manager - multiple versions
• Microsoft Defender
• Microsoft Excel 2016
• Microsoft Office 2016
• Microsoft Office 2019
• Microsoft Office LTSC
• Microsoft Outlook for Android
• Microsoft SharePoint Enterprise Server 2016
• Microsoft SharePoint Server 2019
• Microsoft SharePoint Server
• Microsoft Visual Studio 2015
• Microsoft Visual Studio 2017
• Microsoft Visual Studio 2019
• Microsoft Visual Studio 2022 - multiple versions
• Power BI Report Server
• Remote Desktop client for Windows Desktop
• Visual C++ Redistributable Installer
• Visual Studio Code
• Windows 10 - multiple versions
• Windows 11 - multiple versions
• Windows Server 2008 - multiple versions
• Windows Server 2012 - multiple versions
• Windows Server 2016 - multiple versions
• Windows Server 2019 - multiple versions
• Windows Server 2022 - multiple versions

Google Chrome Security Advisory. [Published Date: 2024-10-08]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 129.0.6668.100 for Linux and prior to 129.0.6668.100/.101 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

SAP security advisory - October 2024 monthly rollup. [Published Date: 2024-10-08]

SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• SAP Enterprise Project Connection - version 3.0
• SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 and 2025

Qualcomm Security Advisory. [Published Date: 2024-10-08]

Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.

Review the Qualcomm Security Bulletin and apply the necessary updates.

Dell (VMware)security advisory. [Published Date: 2024-10-06]

Dell (VMware) released a security advisory to address vulnerabilities in the following products:

• VMware vCenter Server 7.0 - vcenter server versions prior to 7.0u3s
• VMware vCenter Server 8.0 - vcenter server versions prior to 8.0ub

IBM security advisory. [Published Date: 2024-10-06]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• IBM Business Automation Manager Open Editions - versions 9.0.0, 9.0.1 and 9.1.0
• IBM Observability with Instana (OnPrem) - versions Build 275 to 279
• IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.4
• IBM Db2® on Cloud Pak for Data - multiple versions
• IBM Db2® Warehouse on Cloud Pak for Data - multiple versions

• IBM Security Bulletin (IBM Business Automation Manager Open Editions)
• IBM Security Bulletin (IBM Observability with Instana (OnPrem))
• IBM Security Bulletin (IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data)
• IBM Security Bulletin (IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data)

Ubuntu Security Advisory. [Published Date: 2024-10-06]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS

• Ubuntu Security Notice (USN-7021-4)
• Ubuntu Security Notice (USN-7003-5)

Red Hat Security Advisory. [Published Date: 2024-10-06]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platform

• Red Hat Security Advisory - RHSA-2024:7489
• Red Hat Security Advisory - RHSA-2024:7490

Android security advisory - October 2024 Monthly Rollup. [Published Date: 2024-10-06]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android Security Bulletin and apply the necessary updates.

Apple Security Advisory. [Published Date: 2024-10-03]

Apple published security advisories to address vulnerabilities in iOS and iPadOS - versions prior to 18.0.1.

Review the provided Apple Security Advisory and apply the necessary updates.

Microsoft Edge Security Advisory. [Published Date: 2024-10-03]

Microsoft published a security update to address vulnerabilities in Microsoft Edge Extended Stable Channel - versions prior to 129.0.2792.79.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

HPE Security Advisory. [Published Date: 2024-10-02]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE BackBox Software - multiple versions
• HPE Nonstop QORESTOR Software T1137 - version T1137V01 and versions T1137V01^AAA to AAD

Jenkins Security Advisory. [Published Date: 2024-10-02]

Jenkins published a security advisory to address vulnerabilities in the following products:

• Jenkins weekly - version 2.478 and prior
• Jenkins LTS - version 2.462.2 and prior
• Credentials Plugin - version 1380.va_435002fa_924 and prior
• OpenId Connect Authentication Plugin - version 4.354.v321ce67a_1de8 and prior

Cisco Security Advisory. [Published Date: 2024-10-02]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Cisco Meraki MX Firmware Release - version 16.2 and later, version 17.0 and later, version 18.0 and later
• Cisco NDFC - version 12.0
• Cisco RV340 Dual WAN Gigabit VPN Routers
• Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Routers
• Cisco RV345 Dual WAN Gigabit VPN Routers
• Cisco RV345P Dual WAN Gigabit PoE VPN Routers

• Cisco Security Advisory - cisco-sa-meraki-mx-vpn-dos-QTRHzG2
• Cisco Security Advisory - cisco-sa-ndfc-cmdinj-UvYZrKfr#vp
• Cisco Security Advisory - cisco-sa-rv34x-privesc-rce-qE33TCms
• Cisco Security Advisory - cisco-sa-ndfc-ptrce-BUSHLbp

Zimbra Security Advisory. [Published Date: 2024-10-02]

Zimbra published a security advisory to address vulnerabilities in the following products:

• Zimbra Collaboration versions prior to 9.0.0 Patch 41
• Zimbra Collaboration versions prior to 10.0.9
• Zimbra Collaboration versions prior to 10.1.1
• Zimbra Collaboration versions prior to 8.8.15 Patch 46

Drupal Security Advisory. [Published Date: 2024-10-02]

Drupal published security advisories to address vulnerabilities in Two-factor Authentication (TFA) module - versions prior to 1.8.0.

Review the provided Drupal Security Advisory and apply the necessary updates.

OpenPrinting CUPS Security Advisory. [Published Date: 2024-10-01]

OpenPrinting published a security update to address vulnerabilities in Common UNIX Printing Systems (CUPS) - version 2.1b1 and prior, version 2.0.1 and prior.

Review the following advisories and apply the necessary updates:

• Multiple bugs leading to info leak and remote code execution
• Command injection via FoomaticRIPCommandLine
• ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer
• cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server
• RHSB-2024-002 - OpenPrinting cups-filters
• Red Hat’s response to OpenPrinting CUPS vulnerabilities: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177
• CUPS Remote Code Execution Vulnerability Fix Available

Mozilla Security Advisory. [Published Date: 2024-10-01]

Mozilla published security advisories to address vulnerabilities in the following products:

• Thunderbird - versions prior to 131
• Thunderbird - versions prior to 128.3
• Firefox ESR - versions prior to 115.16
• Firefox ESR - versions prior to 128.3
• Firefox - versions prior to 131

• Mozilla Security Advisory (MFSA 2024-50)
• Mozilla Security Advisory (MFSA 2024-49)
• Mozilla Security Advisory (MFSA 2024-48)
• Mozilla Security Advisory (MFSA 2024-47)
• Mozilla Security Advisory (MFSA 2024-46)

Google Chrome Security Advisory. [Published Date: 2024-10-01]

Google has released security updates to address multiple vulnerabilities affecting  Stable Channel Chrome versions 129.0.6668.89 for Linux and prior to 29.0.6668.89/.90 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Dell Security Advisory. [Published Date: 2024-09-29]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.16.9
• APEX Cloud Platform Foundation Software - versions prior to 03.02.00.00
• Connectrix - multiple versions and models
• Dell EMC VxRail Appliance - 7.0.x versions prior to 7.0.531
• Dell Networking OS10 - 10.5.3.x, 10.5.4.x, 10.5.5.x and 10.5.6.x
• Dell PowerMax - multiple versions and models
• PowerMaxOS - multiple versions and models
• Unisphere - multiple versions and models

IBM Security Advisory. [Published Date: 2024-09-29]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• IBM Cloud Pak for Data - versions 4.0.0 to 4.8.5, 5.0.0 and 5.0.1
• IBM CP4MCM - version 2.3 to 2.3 FP8
• IBM Storage Protect Plus - versions 10.1.0 to 10.1.16.2
• IBM watsonx.data - versions 1.0.0 to 2.0.0
• IBM watsonx.data - versions 1.1.0 to 2.0.2

Ubuntu Security Advisory. [Published Date: 2024-09-29]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS

Red Hat Security Advisory. [Published Date: 2024-09-29]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms

PHP Security Advisory. [Published Date: 2024-09-27]

PHP published a security advisory to address vulnerabilities in the following products:

• PHP 8.1 versions prior to 8.1.30
• PHP 8.2 versions prior to 8.2.24
• PHP 8.3 versions prior to 8.3.12

HPE Security Advisory. [Published Date: 2024-09-27]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE Superdome Flex 280 Server - versions prior to v1.90.12
• HPE Superdome Flex Server - versions prior to v4.0.10

Foxit Security Advisory. [Published Date: 2024-09-26]

Foxit published security advisories to address vulnerabilities in the following products:

• Foxit PDF Editor for Windows - multiple versions
• Foxit PDF Reader for Windows - multiple versions
• Foxit PDF Reader for Mac - version 2024.2.2.64388 and prior
• Foxit PDF Editor for Mac - multiple versions

Microsoft Edge Security Advisory. [Published Date: 2024-09-26]

Microsoft published a security update to address vulnerabilities in Microsoft Edge Extended Stable Channel - versions prior to 29.0.2792.65.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

Cisco Security Advisory. [Published Date: 2024-09-25]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Cisco 1000 Series Integrated Services Routers (ISRs)
• Cisco ASR 1000 Series Aggregation Service Routers
• Cisco Catalyst 8000v Edge Software
• Cisco Catalyst 8200 Series Edge Platforms
• Cisco Catalyst 8300 Series Edge Platforms
• Cisco Catalyst 8500L Edge Platforms
• Cisco Catalyst IR8300 Rugged Series Routers
• Cisco Catalyst Center
• Cisco cBR-8 Converged Broadband Routers
• Cisco Crosswork NSO
• Cisco IOS XE Software - multiple versions
• Cisco IOS Software - multiple versions
• Cisco Optical Site Manager
• Cisco RV340 Dual WAN Gigabit VPN Routers

HPE Security Advisory. [Published Date: 2024-09-25]

HPE published a security advisory to address vulnerabilities in HPE Aruba Networking Access Points running Instant AOS-8 and AOS-10 - multiple versions.

Review the HPE security bulletins and apply the necessary updates.

GitLab Security Advisory. [Published Date: 2024-09-25]

GitLab published a security advisory to address vulnerabilities in the following products:

• GitLab Community Edition (CE) - versions prior to 4.1, 17.3.4, 17.2.8, 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8 and 16.0.10
• GitLab Enterprise Edition (EE) - versions prior to 17.4.1, 17.3.4, 17.2.8, 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8 and 16.0.10

• GitLab Critical Patch Release: 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8, 16.0.10
• GitLab Patch Release: 17.4.1, 17.3.4, 17.2.8
• GitLab Releases

Dell Security Advisory. [Published Date: 2024-09-22]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• PowerPath Managment Appliance - versions prior to 3.4 sp2 p02 and versions prior to 4.0 p02
• Dell PowerStore - multiple versions and models

Red Hat Security Advisory. [Published Date: 2024-09-22]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms

Ubuntu Security Advisory. [Published Date: 2024-09-22]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS

IBM Security Advisory. [Published Date: 2024-09-22]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• IBM watsonx.data - versions 1.0.0 to 1.1.3, 1.0.0 to 1.1.4, 1.0.0 to 2.0.0, 1.1.0, 1.1.0 to 1.1.4, 1.1.3 and 2.0.0
• Watsonx.data - versions 1.0.0 to 2.0.0, 1.0.0 to 2.0.1 and 1.1.0 to 2.0.0

Microsoft Edge Security Advisory. [Published Date: 2024-09-19]

Microsoft published a security update to address vulnerabilities in Microsoft Edge Extended Stable Channel - versions prior to 129.0.2792.52.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

Atlassian Security Advisory. [Published Date: 2024-09-18]

Atlassian published security advisories to address vulnerabilities in the following products:

• Bamboo Data Center and Server - multiple versions
• Bitbucket Data Center and Server - multiple versions
• Confluence Data Center and Server - multiple versions
• Crowd Data Center and Server - multiple versions

HPE Security Advisory. [Published Date: 2024-09-18]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE Aruba Networking AOS - multiple versions
• HPE Aruba Networking SD-WAN - multiple versions
• HPE StoreEasy 1660 Storage - versions prior to v2.20_08-07-2024 or prior to v3.30_07-31-2024
• HPE StoreEasy 1860 Storage - versions prior to v2.20_08-07-2024 or prior to v3.30_07-31-2024
• HPE StoreEasy 1670 Expanded Storage - versions prior to v2.20_08-07-2024
• HPE StoreEasy 1860 Expanded Storage - versions prior to v2.20_08-07-2024
• HPE StoreEasy 1870 Expanded Storage - versions prior to v2.20_08-07-2024
• HPE StoreEasy 1460 Storage - versions prior to v3.30_07-31-2024
• HPE StoreEasy 1560 Storage - versions prior to v3.30_07-31-2024
• HPE StoreEasy 1660 Expanded Storage - versions prior to v3.30_07-31-2024
• HPE StoreEasy 1660 Performance Storage - versions prior to v3.30_07-31-2024
• HPE StoreEasy 1860 Performance Storage - versions prior to v3.30_07-31-2024
• HPE Storage File Controller - versions prior to v3.30_07-31-2024
• HPE Storage Performance File Controller - versions prior to v3.30_07-31-2024
• HPE StoreEasy 1450 Storage - versions prior to v3.40_08-29-2024
• HPE StoreEasy 1550 Storage - versions prior to v3.40_08-29-2024
• HPE StoreEasy 1650 Storage - versions prior to v3.40_08-29-2024
• HPE StoreEasy 1850 Storage - versions prior to v3.40_08-29-2024
• HPE StoreEasy 1650 Expanded Storage - versions prior to v3.40_08-29-2024
• HPE StoreEasy 3850 Gateway Storage - versions prior to v3.30_07-31-2024
• HPE 3PAR StoreServ File Controller v3 System - versions prior to v3.30_07-31-2024

• HPE Security Bulletin - hpesbhf04704en_us
• HPE Security Bulletin - hpesbnw04709en_us

VMware Security Advisory. [Published Date: 2024-09-17]

VMware released a security advisory to address vulnerabilities in the following products:

• vCenter Server - versions 7.0 and 8.0
• VMware Cloud Foundation - versions 5.x and 4.x

GitHub Security Advisory. [Published Date: 2024-09-17]

GitHub published a security advisory to address a critical vulnerability in the following products:

• GitLab Community Edition (CE) - versions prior to 3.3, 17.2.7, 17.1.8, 17.0.8 and 16.11.10
• GitLab Enterprise Edition (EE) - versions prior to 17.3.3, 17.2.7, 17.1.8, 17.0.8 and 16.11.10

Google Chrome Security Advisory. [Published Date: 2024-09-17]

Google has released security updates to address multiple vulnerabilities affecting  Stable Channel Chrome versions 129.0.6668.58 for Linux and prior to 129.0.6668.58/.59 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Google Chrome Security Advisory. [Published Date: 2024-09-17]

Google has released security updates to address multiple vulnerabilities affecting  Stable Channel Chrome versions 129.0.6668.70 for Linux and prior to 129.0.6668.70/.71 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Apple Security Advisory. [Published Date: 2024-09-16]

Apple published security updates to address vulnerabilities in the following products:

• iOS and iPadOS - versions prior to 18
• macOS Sequoia - versions prior to 15
• tvOS - versions prior to 18
• watchOS - versions prior to 11
• visionOS - versions prior to 2
• Safari - versions prior to 18
• iOS and iPadOS - versions prior to 17.7
• macOS Sonoma - versions prior to 14.7
• macOS Sonoma - versions prior to 14.5
• macOS Ventura - Versions prior to 13.7

• iOS and iPadOS - versions prior to 18
• macOS Sequoia - versions prior to 15
• tvOS - versions prior to 18
• watchOS - versions prior to 11
• visionOS - versions prior to 2
• Safari - versions prior to 18
• iOS and iPadOS - versions prior to 17.7
• macOS Sonoma - versions prior to 14.7
• macOS Sonoma - versions prior to 14.7
• macOS Ventura - Versions prior to 13.7

HPE Security Advisory. [Published Date: 2024-09-16]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE ProLiant DL110 Gen10 Plus Telco server - versions prior to v2.20_08-07-2024
• HPE ProLiant DL360 Gen10 Plus server - versions prior to v2.20_08-07-2024
• HPE ProLiant DL380 Gen10 Plus server - versions prior to v2.20_08-07-2024
• HPE Synergy 480 Gen10 Plus Compute Module - versions prior to v2.20_08-07-2024
• HPE Apollo 4200 Gen10 Plus System - versions prior to v2.20_08-07-2024
• HPE ProLiant XL190r Gen9 Server - versions prior to v3.32_08-29-2024
• HPE ProLiant XL170r Gen9 Server - versions prior to v3.32_08-29-2024
• HPE ProLiant DL60 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL80 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL120 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL160 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL180 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL360 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL380 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL560 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant DL580 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant ML110 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant ML150 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE ProLiant ML350 Gen9 Server - versions prior to v3.40_08-29-2024
• HPE Synergy 480 Gen9 Compute Module - versions prior to v3.40_08-29-2024
• HPE Synergy 620 Gen9 Compute Module - versions prior to v3.40_08-29-2024
• HPE Synergy 660 Gen9 Compute Module - versions prior to v3.40_08-29-2024
• HPE Synergy 680 Gen9 Compute Module - versions prior to v3.40_08-29-2024
• HPE Edgeline e920 Server Blade - versions prior to v2.20_08-07-2024
• HPE Edgeline e920d Server Blade - versions prior to v2.20_08-07-2024
• HPE Edgeline e920t Server Blade - versions prior to v2.20_08-07-2024

Ubuntu Security Advisory. [Published Date: 2024-09-15]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS

Dell Security Advisory. [Published Date: 2024-09-15]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Cyber Sense - versions prior to 1.5.0-47
• Dell Avamar Data Store Switch S4128F - version 10.5.4.1
• Dell Data Protection Central DPC-OSupdate - versions prior to 1.1.19-1
• PowerProtect DP Series (Integrated Data Protection Appliance) DPC-OSupdate - versions prior to 1.1.19-1
• PowerScale InsightIQ - versions 5.0 to 5.1
• ThinOS - cisco_jabber_14.3.0.308378.11 and liquidware_stratusphere_ux_connector_id_agent_6.7.0.2.2

Microsoft Edge Security Advisory. [Published Date: 2024-09-12]

Microsoft published a security update to address vulnerabilities in Microsoft Edge Extended Stable Channel - versions prior to 128.0.2739.79.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

SolarWinds Security Advisory. [Published Date: 2024-09-12]

SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Access Rights Manager (ARM) - version 2024.3 and prior.

Review the SolarWinds Security Advisory and apply the necessary updates.

Palo Alto Networks Security Advisory. [Published Date: 2024-09-11]

Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• PAN-OS - versions prior to 11.2.3
• Prisma Access Browser - version 128.91.2869.7 and prior

• Palo Alto Networks Security Advisories - PAN-SA-2024-0009
• Palo Alto Networks Security Advisories - CVE-2024-8686

Intel Security Advisory. [Published Date: 2024-09-11]

Intel published security advisories to address vulnerabilities in UEFI Firmware.

Review the provided Intel Security Advisories and perform the suggested mitigations.

Cisco Security Advisory. [Published Date: 2024-09-11]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Cisco Crosswork NSO - multiple versions
• Cisco Optical Site Manager - versions prior to 24.3.1
• Cisco RV340 Dual WAN Gigabit VPN Routers - all versions
• Cisco ConfD - multiple versions
• Cisco IOS XR Software - versions 7.7.1 to 7.11.2, 24.1.1 and later
• Cisco IOS XR 64-Bit Software - multiple versions
• Cisco Routed Passive Optical Network (PON) Controller Software - multiple products and models

GitHub Security Advisory. [Published Date: 2024-09-11]

GitHub published a security advisory to address a critical vulnerability in the following products:

• GitLab Community Edition (CE) - versions prior to 17.3.2, 17.2.5, and 17.1.7
• GitLab Enterprise Edition (EE) - versions prior to 17.3.2, 17.2.5, and 17.1.7

SAP Security Advisory - September 2024 Monthly Rollup. [Published Date: 2024-09-10]

SAP published security advisories to address vulnerabilities SAP BusinessObjects Business Intelligence Platform - versions ENTERPRISE 430, 440.

Review the SAP Security Patch Day - September 2024 and apply the necessary updates.

Ivanti Security Advisory. [Published Date: 2024-09-10]

Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• Ivanti IWC - versions 10.18.0.0 and prior
• Ivanti Cloud Services Appliance (CSA) - version CSA 4.6 (versions prior to Patch 519)
• Ivanti Endpoint Manager - version 2024 and versions 2022 SU5 and prior

• Security Advisory: Ivanti Workspace Control (IWC)
• Security Advisory: EPM September 2024 for EPM 2024 and EPM 2022
• Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190)

Microsoft September 2024 Security Updates. [Published Date: 2024-09-10]

Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

• Azure Connected Machine Agent
• Azure CycleCloud - multiple versions and platforms
• Azure Health Bot
• Azure Network Watcher VM Extension for Windows
• Azure Stack Hub
• Azure Web Apps
• Microsoft 365 Apps for Enterprise - multiple platforms
• Microsoft AutoUpdate for Mac
• Microsoft Dynamics 365 (on-premises) - version 9.1
• Microsoft Dynamics 365 Business Central 2023 Release Wave 1
• Microsoft Excel 2016
• Microsoft Office - multiple versions and platforms
• Microsoft Outlook 2016 - multiple platforms
• Microsoft Project 2016 - multiple platforms
• Microsoft Publisher 2016
• Microsoft SharePoint Enterprise Server 2016
• Microsoft SQL Server - multiple versions and platforms
• Microsoft Teams for iOS
• Microsoft Visio 2016 multiple platforms
• Microsoft Visual Studio 2022 - multiple versions
• .NET - version 8.0
• Power Automate for Desktop
• Remote Desktop client for Windows Desktop
• Windows 10 - multiple versions and platforms
• Windows 11 - multiple versions and platforms
• Windows Server - multiple versions and platforms

Adobe Security Advisory. [Published Date: 2024-09-10]

Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

• Acrobat DC - versions 24.003.20054 and prior (Windows), version 24.002.21005 and prior (MacOS)
• Acrobat Reader DC - version 24.003.20054 and prior (Windows), version 24.002.21005 and prior (MacOS)
• Acrobat 2024 - version 24.001.30159 and prior
• Acrobat 2020 - version 20.005.30655 and prior
• Adobe Audition - version 24.4.1 and prior, version 23.6.6 and prior
• Adobe After Effects - version 24.5 and prior, version 23.6.6 and prior
• Adobe Media Encoder - versions 24.6 and 23.6.9
• Adobe Premiere Pro - version 24.5 and prior, version 23.6.8 and prior
• Illustrator 2024 - version 28.6 and prior
• Illustrator 2023 - version 27.9.5 and prior
• Acrobat Reader 2020 - version 20.005.30655 and prior
• ColdFusion 2023 - version Update 9 and prior
• ColdFusion 2021 - version Update 15 and prior
• Photoshop 2023 - version 24.7.4 and prior
• Photoshop 2024 - version 25.11 and prior

Citrix Security Advisory. [Published Date: 2024-09-10]

Citrix published a security Advisory to address a vulnerability in Citrix Workspace App for Windows.

Review Citrix security advisory and apply necessary updates.

Ubuntu Security Advisory [Published Date: 2024-09-08]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting Ubuntu 18.04 ESM.

Review the Ubuntu Security Notices and apply the necessary updates.

Red Hat Security Advisory. [Published Date: 2024-09-08]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms

Dell Security Advisory. [Published Date: 2024-09-08]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• CloudBoost Virtual Appliance - versions 19.7 to 19.11
• DELL EMC Metronode - versions prior to 8.0.1

• Dell Security Update (CloudBoost Virtual Appliance)
• Dell Security Update (DELL EMC Metronode)
• Dell Security advisories and notices

SonicWall Security Advisory. [Published Date: 2024-09-06]

SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• SOHO (Gen 5) 5.9.2.14-12o and older versions
• Gen6 Firewalls 6.5.4.14-109n and older versions
• Gen7 Firewalls SonicOS build version 7.0.1-5035 and older versions

Cisco Security Advisory. [Published Date: 2024-09-04]

Cisco published a security advisory to address a vulnerability in the Cisco Smart Licensing Utility - versions 2.0.0, 2.1.0 and 2.2.0.

Review the Cisco Security Advisory and apply the necessary updates.

Drupal Security Advisory. [Published Date: 2024-09-04]

Drupal published security advisories to address vulnerabilities in Advanced Paragraphs table - versions prior to 8.x-1.23.0 and versions prior to 2.0.2.

Review the provided Drupal Security Advisory and apply the necessary updates.

Veeam Security Advisory. [Published Date: 2024-09-04]

Veeam published security advisories to address vulnerabilities in the following products:

• Veeam Backup & Replication - 12.x version 12.1.2.172 and prior
• Veeam ONE - 12.x version 12.1.0.3208 and prior
• Veeam Service Provider Console - 8.x version 8.0.0.19552 and prior
• Veeam Agent for Linux - 6.x version 6.1.2.1781 and prior
• Veeam Backup for Nutanix AHV - 12.x version 12.5.1.8 and prior
• Veeam Backup for Oracle Linux Virtualization Manager - 12.x version 12.4.1.45 and prior

IBM Security Advisory. [Published Date: 2024-09-03]

IBM published security advisory to address vulnerability IBM Concert Software - versions 1.0F03.

Review the IBM Security Bulletins - 7166857 and apply the necessary updates.

Mozilla Security Advisory. [Published Date: 2024-09-03]

Mozilla published security advisories to address vulnerabilities in the following products:

• Firefox ESR - versions prior to 115.15
• Firefox ESR - versions prior to 128.2
• Firefox - versions prior to 130

• Mozilla Security Advisory (MFSA 2024-41)
• Mozilla Security Advisory (MFSA 2024-40)
• Mozilla Security Advisory (MFSA 2024-39)

VMware Security Advisory. [Published Date: 2024-09-03]

VMware released a security advisory to address multiple vulnerabilities in VMware Fusion - versions 13.x prior to 13.6.

Review VMware security advisory VMSA-2024-0018 and apply the necessary updates.

HPE Security Advisory. [Published Date: 2024-09-03]

HPE published a security advisory to address vulnerabilities in the HPE Unified OSS Console (UOC) - versions prior to v3.1.8.

Review the HPE Security Bulletin and apply the necessary updates.

Android security advisory - September 2024 Monthly Rollup. [Published Date: 2024-09-03]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android Security Bulletin and apply the necessary updates.

HPE Security Advisory. [Published Date: 2024-09-03]

HPE published a security advisory to address vulnerabilities in the HPE Virtual Tape Repository (VTR) - versions T0964V01 and T0964V01 AAA to AAJ.

Review the HPE Security Bulletin and apply the necessary updates.

Dell Security Advisory. [Published Date: 2024-09-01]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following::

• APEX Cloud Platform Foundation Software - versions prior to 03.01.00.00
• APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.14.31
• Dell Connectrix (Brocade) - versions prior to 9.2.0
• Dell RecoverPoint for Virtual Machines - version 6.0.sp1
• PowerScale OneFS - multiple versions

Ubuntu Security Advisory. [Published Date: 2024-09-01]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM

• Ubuntu Security Notice (USN-6972-4)
• Ubuntu Security Notice (USN-6973-3)

Red Hat Security Advisory. [Published Date: 2024-09-01]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms

Google Chrome Security Advisory. [Published Date: 2024-08-28]

Google has released security updates to address multiple vulnerabilities affecting  Stable Channel Chrome versions 128.0.6613.113 for Linux and prior to 128.0.6613.113/.114 for Windows, and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Cisco Security Advisory. [Published Date: 2024-08-28]

Cisco published a security advisory to address a vulnerability in the Nexus 3000, 7000 and 9000 Series Switches running Cisco NX-OS Software.

Review the Cisco Security Advisory and apply the necessary updates.