Tanzania Computer Emergency Response Team

TZCERT-SU-24-0533 (Oracle Linux Security Update)

27th May 2024

Oracle has released security update to address vulnerabilities in tomcat. Exploitation of these vulnerabilities may allow an attacker to cause a denial service condition. Users and administrators are encouraged to review Oracle Linux Security Advisory and apply necessary updates.

TZCERT-SU-24-0532 (WordPress Security Update)

27th May 2024

Wordfence has released security updates to address vulnerabilities in Email Log, HT Mega, YITH WooCommerce Ajax Search and Pie Register. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories email-log, ht-mega, yith-woocommerce-ajax-search and pie-register and …

Critical Authentication Bypass Vulnerability in The GitHub Enterprise Server (CVE-2024-4985)

23rd May 2024

Advisory No: TZCERT/SA/2024/05/23 Date of First Release: 23rd May 2024 Source: GitHub Software Affected: GitHub Enterprise Server (GHES) prior to Version 3.13.0 Overview: GitHub Enterprise Servers (GHES) prior to version 3.13.0 is affected by a critical authentication bypass vulnerability. The vulnerability allows an unauthorized access to the instance without requiring …

TZCERT-SU-24-0531 (Cisco Security Update)

22nd May 2024

Cisco has released security updates to address a security vulnerability in Cisco OpenDNS service. Exploitation of this vulnerability may allow an attacker to cause denial of service condition to an affected system. Users and Administrators are encouraged to review Cisco Security Advisory and apply necessary updates.

TZCERT-SU-24-0530 (Mageia Security Update)

22nd May 2024

Mageia has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Mageia Security Advisories dated 21st May 2024 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0533 (Oracle Linux Security Update)

TZCERT-SU-24-0532 (WordPress Security Update)

Critical Authentication Bypass Vulnerability in The GitHub Enterprise Server (CVE-2024-4985)

TZCERT-SU-24-0531 (Cisco Security Update)

TZCERT-SU-24-0530 (Mageia Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)