Tanzania Computer Emergency Response Team

TZCERT-SU-24-0505 (Cisco Security Update)

17th May 2024

Cisco has released security updates to address vulnerabilities in Cisco Crosswork, ConfD CLI, Cisco Secure Email and Cisco Secure Web Manager. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Cisco Security Advisories cisco-sa-nso-hcc-priv-esc, cisco-sa-cnfd-rwpesc and cisco-sa-esa-sma and apply necessary …

TZCERT-SU-24-0504 (Slackware Security Update)

17th May 2024

Slackware has released security updates to address vulnerabilities in git, gdk-pixbuf2, Firefox and libxml2. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Slackware Security Advisories slackware-83523, slackware-354837, slackware-446512 and slackware-347584 and apply necessary updates.

TZCERT-SU-24-0503 (IBM Security Update)

17th May 2024

IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review IBM Security Advisories dated 15th May 2024 and apply necessary updates.

TZCERT-SU-24-0502 (Lenovo Security Update)

17th May 2024

Lenovo has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Lenovo Security Advisories dated 14th May 2024 and apply necessary updates.

TZCERT-SU-24-0501 (Wireshark Security Update)

17th May 2024

Wireshark has released security updates to address vulnerabilities in Wireshark 4.2.5, 4.0.15, and 3.6.23. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition. Users and administrators are encouraged to review Wireshark Security Advisories wnpa-sec-2024-07, wnpa-sec-2024-08 and wnpa-sec-2024-09 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0505 (Cisco Security Update)

TZCERT-SU-24-0504 (Slackware Security Update)

TZCERT-SU-24-0503 (IBM Security Update)

TZCERT-SU-24-0502 (Lenovo Security Update)

TZCERT-SU-24-0501 (Wireshark Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)