security-advisories

Advisory No: TZCERT/SA/2023/08/31 Date of First Release: 31st August 2023 Source: VMWARE Software Affected:  VMware Aria Operations for Networks Overview: VMware has released patches to address critical security vulnerabilities affecting Aria Operations for Networks. These vulnerabilities could allow an attacker to take control of the affected system. Description: The authentication bypass and …

Advisory No: TZCERT/SA/2023/08/11 Date of First Release: 11th August 2023 Source: Ivanti Overview: Ivanti has released security patches to address a critical vulnerability affecting multiple versions of Ivanti End Point Manager Mobile (EPMM). This vulnerability could allow an attacker to obtain sensitive information and take control of an affected system. …

Advisory No: TZCERT/SA/2023/08/02 Date of First Release: 2nd August 2023 Source: Citrix Software Affected: Citrix ADC and Citrix Gateway Overview: Citrix has released security patches to address critical vulnerabilities affecting the NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). These vulnerabilities could allow an attacker to execute …

Advisory No: TZCERT/SA/2023/07/14-01 Date of First Release: 14th July 2023 Source: Microsoft Software Affected: Microsoft Office and Windows Overview: Microsoft has released security workaround to address a critical vulnerability affecting Microsoft Office and Windows. The vulnerability may allow an attacker to take control of affected system. Description: Microsoft Office and …

Advisory No: TZCERT/SA/2023/07/14-02 Date of First Release: 14th July 2023 Source: Citrix Software Affected: Citrix ADC Overview: Citrix has released security patches to address a critical vulnerability affecting the secure access client for Ubuntu. The vulnerability could allow an attacker to execute arbitrary code. Description: Citrix Secure Access client for …

Advisory No: TZCERT/SA/2023/07/14-03 Date of First Release: 14th July 2023 Source: Cisco Software Affected: Cisco SD-WAN vManage software Overview: Cisco has released security patches to address a critical vulnerability affecting Cisco SD-WAN vManage software. The vulnerability could allow an attacker to attain unauthenticated access to REST API. Description: Cisco SD-WAN …

Advisory No: TZCERT/SA/2023/04/28 Date of First Release: 28th April 2023 Source: VMware Software Affected: VMware Workstation17.x and VMware Fusion 13.x Overview: VMware has released patches to address a critical vulnerability affecting VMware Workstation and VMware Fusion. The vulnerability could allow an attacker to take control of affected system. Description: VMware …

Advisory No: TZCERT/SA/2023/04/20 Date of First Release: 20th April 2023 Source: Google Software Affected:  Google Chrome prior to 112.0.5615.137 (Mac), and Google Chrome prior to 112.0.5615.137/138 (Windows) Overview: Google has released security patches to address the Zero Day vulnerability affecting Google Chrome browser for both Mac and Windows operating systems. This vulnerability could …

Advisory No: TZCERT/SA/2023/03/17 Date of First Release: 17th March 2023 Source: Microsoft Software Affected:  Microsoft Outlook for Windows Overview: Microsoft has released security patches to address the elevation of privilege vulnerability affecting Outlook for Windows. Microsoft Outlook is a personal information manager software from Microsoft for email clients that has several features such as …

Advisory No: TZCERT/SA/2023/02/24 Date of First Release: 24th February 2023 Source: VMWARE Software Affected:  App Control: 8.9.x, 8.8.x, 8.7.x ( Running on Windows) Overview: VMware has released patches to address a critical security vulnerability affecting Carbon Black App Control, an enterprise solution for preventing untrusted software from executing on critical systems and endpoints. …