Jenkins has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Jenkins Security Advisories dated 2nd May 2024 and apply necessary updates.
Read More »Current Activities
TZCERT-SU-24-0457 (Cisco Security Update)
Cisco has released security updates to address a vulnerability in Cisco IP Phone 6800, 7800, and 8800 Series. Exploitation of this vulnerability may allow an attacker to cause denial of service condition to an affected system. Users and Administrators are encouraged to review Cisco Security Advisories dated 2nd May 2024 …
Read More »TZCERT-SU-24-0456 (Dell Security Update)
Dell has released security updates to address vulnerabilities inDell Enterprise SONiC Distribution. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Dell Security Bulletin and apply necessary updates.
Read More »Remote code vulnerabilities in Xiaomi Pro 13 smartphone (CVE-2024-4406, CVE-2024-4405, CVE-2023-26322)
Advisory No: TZCERT/SA/2024/05/02-3 Date of First Release: 2nd May 2024 Source: Zero-Day Initiative Software Affected: Xiaomi Pro 13 Overview: Xiaomi Pro is vulnerable to three (3) critical vulnerabilities. The attackers can leverage the vulnerabilities to gain access to the affected smartphone. Description: The three vulnerabilities rated at 8.8 and tracked …
Read More »All-in-One Video Gallery Plugin Authenticated Arbitrary File Upload vulnerability (CVE-2024-4033)
Advisory No: TZCERT/SA/2024/05/02-2 Date of First Release: 2nd May 2024 Source: Wordfence Software Affected: All-in-One Video Gallery plugin for WordPress Overview: The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.6.4. Description: The …
Read More »