Tanzania Computer Emergency Response Team

TZCERT-SU-24-0599 (Ruby on Rails Security Update)

6th June 2024

Rails has released security updates to address vulnerabilities in include-permissions-policy and action_text_content. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Rails Security Advisories cve-2024-28103 and cve-2024-32464 and apply necessary updates.

TZCERT-SU-24-0598 (Android Security Update)

4th June 2024

Google has released security updates to address vulnerabilities in Android Devices. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Android Security Advisory and apply necessary updates.

TZCERT-SU-24-0597 (Red Hat Security Update)

4th June 2024

Red Hat has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Red Hat Security Advisories RHSA-2024:3563, RHSA-2024:3550 and RHSA-2024:3552 and apply necessary updates.

TZCERT-SU-24-0596 (WordPress Security Update)

4th June 2024

Wordfence has released security updates to address vulnerabilities in Social Link Pages, WP-DB-Table-Editor, Frontend Registration and WooCommerce. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories social-link-pages, wp-db-table-editor, frontend-registration-contact-form and social-login-lite-for-woocommerce and apply necessary updates.

TZCERT-SU-24-0595 (HP Security Update)

4th June 2024

Hewlett-Packard has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisory and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0599 (Ruby on Rails Security Update)

TZCERT-SU-24-0598 (Android Security Update)

TZCERT-SU-24-0597 (Red Hat Security Update)

TZCERT-SU-24-0596 (WordPress Security Update)

TZCERT-SU-24-0595 (HP Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)