Security Advisories

IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework (CVE-2023-20883 and CVE-2016-1000027)
Published On: Feb 08, 2024 (9 months ago)
Reference No: TZCERT/SA/2024/02/08-2
Overview:
The vulnerabilities with CVEID CVE-2016-1000027 and CVE-2023-20883 res...
Read more
Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255)
Published On: Feb 08, 2024 (9 months ago)
Reference No: TZCERT/SA/2024/02/08-1
Overview:
Following insufficient CSRF protection for the web-based management in...
Read more
Unified CM and Unity Connection remote code execution and file upload vulnerabilities (CVE-2024-20253 and CVE-2024-20272)
Published On: Feb 02, 2024 (10 months ago)
Reference No: TZCERT/SA/2024/02/02
Overview:
CVE-2024-20253 is resulting from the improper processing of user-provi...
Read more
Apple WebKit Zero-Day vulnerability (CVE-2024-23222)
Published On: Jan 25, 2024 (10 months ago)
Reference No: TZCERT/SA/2024/01/24
Overview:
The vulnerability (CVE-2024-23222, CVSS score: 7.5) is a type of confu...
Read more
GitLab Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE)
Published On: Jan 15, 2024 (10 months ago)
Reference No: TZCERT/SA/2024/01/15
Overview:
The vulnerability (CVE-2023-7028, CVSS score: 10) is caused by a fault...
Read more
Ivanti VPN Zero-Day Vulnerability (CVE-2024-21887 and CVE-2023-46805)
Published On: Jan 15, 2024 (10 months ago)
Reference No: TZCERT/SA/2024/01/15
Overview:
CVE-2024-21887 (CVSS score of 9.1) is a command injection vulnerabilit...
Read more
Juniper Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution (CVE-2024-21591)
Published On: Jan 15, 2024 (10 months ago)
Reference No: TZCERT/SA/2024/01/15
Overview:
This is caused by the Out-of-bounds Write vulnerability in J-Web of Ju...
Read more
Postfix: SMTP smuggling vulnerability (CVE-2023-51764) - CVE-2023-51764)
Published On: Jan 08, 2024 (10 months ago)
Reference No: TZCERT/SA/2023/01/08
Overview:
By exploiting interpretation differences of the SMTP protocol, it is p...
Read more
Active Exploitation of High Severity Vulnerability in GNU C Library (CVE-2023-4911)
Published On: Nov 08, 2023 (1 year ago)
Reference No: TZCERT/SA/2023/11/08
Overview:
Advisory No: TZCERT/SA/2023/11/08 Date of First Release: 8th Novemb...
Read more

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Report Incident