Tanzania Computer Emergency Response Team

Code Execution Vulnerability on NVIDIA Triton Inference Server for Linux (CVE-2024-0087)

3rd May 2024

Advisory No: TZCERT/SA/2024/05/02-1 Date of First Release: 2nd May 2024 Source: NVIDIA Software Affected: NVIDIA Triton Inference Server for Linux Overview: NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file that may result in compromise of confidentiality, integrity, …

TZCERT-SU-24-0455 (Foxit Security Update)

30th April 2024

Foxit has released security updates to address vulnerabilities in Foxit PDF Reader and Foxit PDF Editor for Windows and Mac. Exploitation of these vulnerabilities may allow an attacker to take control. Users and administrators are encouraged to review Foxit Security Advisories dated 28th April 2024 and apply necessary updates.

TZCERT-SU-24-0454 (Ubuntu Security Update)

30th April 2024

Ubuntu has released security updates to address vulnerabilities in FreeRDP, PHP, pillow, libvirt, gnuTLS, curl and less. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Ubuntu Security Advisories USN-6759-1, USN-6757-1, USN-6744-3, USN-6734-2, USN-6733-2, USN-6718-3 and USN-6756-1 and …

TZCERT-SU-24-0453 (Palo Alto Security Update)

30th April 2024

Palo Alto has released security updates to address a vulnerability in PAN-OS. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review Palo Alto Security Advisory and apply necessary updates.

TZCERT-SU-24-0452 (SUSE Security Update)

30th April 2024

SUSE has released security updates to address vulnerabilities in docker, ffmpeg, Linux kernel and shim. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review SUSE Security Advisories suse-su-20241469-1, suse-su-20241468-1, suse-su-20241466-1 and suse-su-20241462-1 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

Code Execution Vulnerability on NVIDIA Triton Inference Server for Linux (CVE-2024-0087)

TZCERT-SU-24-0455 (Foxit Security Update)

TZCERT-SU-24-0454 (Ubuntu Security Update)

TZCERT-SU-24-0453 (Palo Alto Security Update)

TZCERT-SU-24-0452 (SUSE Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)