
security-advisories

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

Advisory No: TZCERT/SA/2024/04/19
Date of First Release: 19th April 2024
Source: Hewlett Packard Enterprise (HPE)
Software Affected: HPE Compute Scale-up Server 3200, HPE Superdome Flex 280 Server and HPE Superdome Flex Server
Overview: Three HPE products are affected by a critical vulnerability. The vulnerability may allow an attacker to execute …


OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Advisory No: TZCERT/SA/2024/04/15
Date of First Release: 15th April 2024
Source: Palo Alto
Software Affected: PAN-OS versions 10.2, 11.0, and 11.1
Overview: Palo Alto’s PAN-OS is affected by a critical command injection vulnerability. The vulnerability may allow an attacker to execute arbitrary code with root privileges on the firewall.
Description: …


Critical vulnerabilities affecting IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector (CVE-2022-42920, CVE-2023-51385 and CVE-2023-39410)

Advisory No: TZCERT/SA/2024/04/12-2
Date of First Release: 12th April 2024
Source: IBM
Software Affected: IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector
Overview: IBM products are affected by critical arbitrary command execution vulnerabilities. The vulnerabilities may allow an attacker to execute remote code on the affected system. …


AIKit 4.14.1 Authenticated SQL Injection (CVE-2024-31370)

Advisory No: TZCERT/SA/2024/04/12-1
Date of First Release: 12th April 2024
Source: Wordfence, Patchstack
Software Affected: AIKit <= 4.14.1
Overview: CodeIsAwesome’s AIKit plugin is vulnerable to SQL Injection. The plugin’s vulnerability may allow an attacker to interact with the database and steal information.
Description: AIKit is a WordPress AI Assistant that …


Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)

Advisory No: TZCERT/SA/2024/04/02
Date of First Release: 2nd April 2024
Source: Arch Linux, Red Hat
Software Affected: XZ Library versions 5.6.0 and 5.6.1
Overview: Arch Linux and Red Hat have released security patches to address a critical vulnerability affecting the xz library. The vulnerability could allow an attacker to execute …


SQL Injection in Bamboo Data Center and Server (CVE-2024-1597)

Advisory No: TZCERT/SA/2024/03/21-02
Date of First Release: 21st March 2024
Source: Atlassian
Software Affected: Bamboo Data Center and Bamboo Server
Overview: Atlassian has released security patches to address a critical vulnerability affecting Bamboo Data Center and Bamboo Server. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability. …


Multiple Vulnerabilities in QTS, QuTS hero, QuTScloud, and myQNAPcloud (CVE-2024-21899, CVE-2024-21900 and CVE-2024-21901)

Advisory No: TZCERT/SA/2024/03/21-01
Date of First Release: 21st March 2024
Source: QNAP
Software Affected: QTS, QuTS hero, QuTScloud, myQNAPcloud
Overview: QNAP has released security patches to address the critical vulnerabilities affecting QTS, QuTS hero, QuTScloud, and myQNAPcloud. These vulnerabilities could allow an attacker to inject malicious code and execute …


Multiple Critical Vulnerabilities in IBM Instana Observability (CVE-2023-42282, CVE-2023-37466 and CVE-2023-37903)

Advisory No: TZCERT/SA/2024/03/13-03
Date of First Release: 13th March 2024
Source: IBM
Software Affected: IBM Instana Observability
Overview: IBM has released security patches to address critical vulnerabilities affecting IBM Instana Observability. The vulnerabilities could allow an attacker to execute arbitrary code on the affected system.
Description: IBM Instana Observability is …


GarageBand 10.4.11 for macOS Use-After-Free Vulnerability (CVE-2024-23300)

Advisory No: TZCERT/SA/2024/03/13-02
Date of First Release: 13th March 2024
Source: Apple
Software Affected: macOS Ventura and macOS Sonoma
Overview: Apple has released a security update to address a critical vulnerability affecting macOS Ventura and macOS Sonoma. The vulnerability could allow an attacker to execute arbitrary code on the affected system. …


Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability (CVE-2023-20214)

Advisory No: TZCERT/SA/2024/03/13-01
Date of First Release: 14th July 2023
Previous Advisory Number: TZCERT/SA/2023/07/14-03
Source: Cisco
Software Affected: Cisco SD-WAN vManage software
Overview: Cisco has released security patches to address a critical vulnerability affecting Cisco SD-WAN vManage software. The vulnerability could allow an attacker to attain unauthenticated access to REST …
