Tanzania Computer Emergency Response Team

TZCERT-SU-24-0095 (Drupal Security Update)

26th January 2024

Drupal has released security updates to address vulnerabilities in Swift mailer, Open Social and TFA. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Drupal Security Advisories sa-contrib-2024-006, sa-contrib-2024-005 and sa-contrib-2024-003 and apply necessary updates.

TZCERT-SU-24-0094 (Oracle Linux Security Update)

26th January 2024

Oracle has released security updates to address vulnerabilities in rpm, tomcat, sqlite, openssl, python-urllib, php and python. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Oracle Linux Security Advisories ELSA-2024-0463, ELSA-2024-0474, ELSA-2024-0465, ELSA-2024-12093, ELSA-2024-0464, ELSA-2024-0387 and ELSA-2024-0466 …

TZCERT-SU-24-0093 (HP Security Update)

26th January 2024

Hewlett-Packard has released security updates to address vulnerabilities in HPE OneView and Qualcomm WLAN. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisories hpesbgn04586 and hpsbhf03908 and apply necessary updates.

TZCERT-SU-24-0092 (Mageia Security Update)

26th January 2024

Mageia has released security updates to address vulnerabilities in chromium-browser and avahi. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Mageia Security Advisories MGASA-2024-0017 and MGASA-2024-0016 and apply necessary updates.

TZCERT-SU-24-0091 (Lenovo Security Update)

26th January 2024

Lenovo has released security updates to address vulnerabilities in BIOS Image, TianoCore, NVIDIA, Intel and AMD graphics. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Lenovo Security Advisory LEN-145284, LEN-144841, LEN-121185, LEN-115701, LEN-115697 and LEN-106015 and apply …

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0095 (Drupal Security Update)

TZCERT-SU-24-0094 (Oracle Linux Security Update)

TZCERT-SU-24-0093 (HP Security Update)

TZCERT-SU-24-0092 (Mageia Security Update)

TZCERT-SU-24-0091 (Lenovo Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)