Tanzania Computer Emergency Response Team

Advisory No: TZCERT/SA/2024/05/17-4 Date of First Release: 17th May 2024 Source: Drupal Software Affected: RESTful Web Services Overview: Drupal plugin is vulnerable to a critical vulnerability. The attackers can leverage the vulnerability to bypass access controls. Description: RESTful Web Services in Drupal CMS is affected by a critical vulnerability as …

Advisory No: TZCERT/SA/2024/05/17-3 Date of First Release: 17th May 2024 Source: Hewlett-Packard Software Affected: Aruba Access Points running InstantOS and ArubaOS 10 Overview: Aruba Access Points are vulnerable to multiple critical vulnerabilities. The attackers can leverage the vulnerabilities to execute arbitrary code on the affected Access Point. Description: Aruba Access …

Advisory No: TZCERT/SA/2024/05/17-2 Date of First Release: 17th May 2024 Source: GitHub Software Affected: Magento Commerce, Magento Open Source Overview: Magento applications are vulnerable to multiple critical vulnerabilities. The attacker can leverage the vulnerabilities to execute remote code commands. Description: Magento Commerce and Magento Open Source are affected by critical …

Advisory No: TZCERT/SA/2024/05/17-1 Date of First Release: 17th May 2024 Source: Adobe Software Affected: Adobe Acrobat and Reader, Adobe Illustrator, Adobe Substance 3D Painter, Adobe Aero, Adobe Animate, Adobe FrameMaker, and Adobe Dreamweaver Overview: Multiple Adobe products are vulnerable to critical vulnerabilities. The attackers can leverage the vulnerabilities to execute arbitrary code …

Intel has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Intel Security Advisories dated 14th May 2024 and apply necessary updates.