Tanzania Computer Emergency Response Team

TZCERT-SU-24-0165 (Typo3 Security Update)

16th February 2024

Typo3 has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Typo3 Security Advisories dated 13th February 2024 and apply necessary updates.

TZCERT-SU-24-0164 (HP Security Update)

16th February 2024

Hewlett-Packard has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisories hpesbhf04592, hpesbhf04591, hpesbhf04594, hpesbhf04566, hpsbhf03910, hpsbhf03881 and hpsbhf03915 and apply necessary updates.

TZCERT-SU-24-0163 (IBM Security Update)

16th February 2024

IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review IBM Security Advisories and apply necessary updates.

TZCERT-SU-24-0162 (QNAP Security Update)

16th February 2024

QNQP has released security updates to address vulnerabilities in QTS, QuTS hero and QuTScloud. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review QNAP Security Advisory and apply necessary updates.

Revolution Slider Plugin Remote Code Execution (CVE-2023-2359)

15th February 2024

Advisory No: TZCERT/SA/2024/02/15 Date of First Release: 15th February 2024 Source: WPScan Software Affected: Revolution Slider Plugin version <= 6.6.12 Overview: The vulnerability exists in the Revolution Slider plugin prior to version <= 6.6.12. Successfully exploitation of this vulnerability could allow a remote attacker to execute code on the affected …

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0165 (Typo3 Security Update)

TZCERT-SU-24-0164 (HP Security Update)

TZCERT-SU-24-0163 (IBM Security Update)

TZCERT-SU-24-0162 (QNAP Security Update)

Revolution Slider Plugin Remote Code Execution (CVE-2023-2359)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)