
security-advisories

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Advisory No: TZCERT/SA/2024/07/10-2
Date of First Release: 10th July 2024
Source: Wordfence
Software Affected: osm, iq-testimonials, forms-gutenberg, woo-product-tables
Overview: WordPress is vulnerable to four critical vulnerabilities. Exploitation of these vulnerabilities makes remote code execution possible.
Description: Four WordPress plugins, namely osm, iq-testimonials, forms-gutenberg, and woo-product-tables, are affected by the vulnerabilities …


Critical Vulnerabilities in multiple IBM products (CVE-2024-1597, CVE-2022-46337)

Advisory No: TZCERT/SA/2024/07/10-1
Date of First Release: 10th July 2024
Source: IBM
Software Affected: PostgreSQL JDBC Driver, Apache Derby
Overview: Multiple IBM products depending on the PostgreSQL JDBC Driver and Apache Derby are vulnerable to critical vulnerabilities. Attackers can exploit the vulnerabilities to dump critical data or execute arbitrary code.
Description: …


Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

Advisory No: TZCERT/SA/2024/07/04-2
Date of First Release: 4th July 2024
Source: IBM
Software Affected: IBM Observability with Instana (OnPrem)
Overview: WordPress is vulnerable to four critical vulnerabilities. The attackers can leverage the vulnerability to take control of the affected system.
Description: IBM Observability with Instana (OnPrem) is affected by a …


High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

Advisory No: TZCERT/SA/2024/07/04-1
Date of First Release: 4th July 2024
Source: Wordfence
Software Affected: wp-nested-pages, addons-for-elementor and IMGspider
Overview: WordPress is vulnerable to four critical vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description: Three WordPress plugins, namely wp-nested-pages, addons-for-elementor and IMGspider, are affected …


High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)

Advisory No: TZCERT/SA/2024/05/31-2
Date of First Release: 31st May 2024
Source: Hewlett-Packard (HP)
Software Affected: Servers
Overview: HPE ProLiant and HPE Edgeline Servers are vulnerable to multiple high severity vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description: The five high-severity vulnerabilities among other …


Critical Vulnerabilities affecting WordPress (CVE-2024-5522, CVE-2024-5150, CVE-2024-3412)

Advisory No: TZCERT/SA/2024/05/31-1
Date of First Release: 31st May 2024
Source: Wordfence
Software Affected: html5-video-player, login-with-phone-number, wp-staging
Overview: WordPress is vulnerable to three critical vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description: Three WordPress plugins, namely html5-video-player, login-with-phone-number, wp-staging, are affected by the …


Critical Vulnerabilities affecting WordPress (CVE-2024-4544, CVE-2024-0867, CVE-2024-1974)

Advisory No: TZCERT/SA/2024/05/24-2
Date of First Release: 24th May 2024
Source: Wordfence
Software Affected: pie-register-social-site, email-log and ht-mega-for-elementor
Overview: WordPress is vulnerable to three critical vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description: Three WordPress plugins, namely pie-register-social-site, email-log and ht-mega-for-elementor, are affected …


Arbitrary Code Execution Vulnerabilities in Multiple IBM Products (CVE-2023-45871, CVE-2023-39320, CVE-2023-51385)

Advisory No: TZCERT/SA/2024/05/24-1
Date of First Release: 24th May 2024
Source: IBM
Software Affected: IBM Cloud Object System, IBM QRadar SIEM, IBM Security Guardium, IBM Storage Copy, IBM Storage Protect, IBM Storage Scale System, IBM Cloud Pak for Data Scheduling, IBM Spectrum Protect Plus, IBM AIX, IBM i, IBM QRadar, …


Critical Authentication Bypass Vulnerability in GitHub Enterprise Server (CVE-2024-4985)

Advisory No: TZCERT/SA/2024/05/23
Date of First Release: 23rd May 2024
Source: GitHub
Software Affected: GitHub Enterprise Server (GHES) prior to Version 3.13.0
Overview: GitHub Enterprise Server (GHES) versions prior to 3.13.0 are affected by a critical authentication bypass vulnerability. The vulnerability allows unauthorized access to the instance without requiring …


Remote Code Execution Vulnerabilities in IBM Operational Decision Manager and IBM i Modernization Engine for Lifecycle Integration (CVE-2019-19919, CVE-2019-12384)

Advisory No: TZCERT/SA/2024/05/17-6
Date of First Release: 17th May 2024
Source: IBM
Software Affected: IBM Operational Decision Manager, IBM i Modernization Engine for Lifecycle Integration
Overview: IBM applications are vulnerable to critical vulnerabilities. The attackers can leverage the vulnerability to execute arbitrary code on the affected system.
Description: IBM Operational …
