Wordfence has released security updates to address vulnerabilities in wp image slideshow, Jquery news ticker, Superb slideshow gallery, wp photo text slider, Message ticker and Popup with fancybox. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged are review Wordfence Security Advisories wp-image-slideshow, jquery-news-ticker, superb-slideshow-gallery, wp-photo-text-slider, message-ticker and popup-with-fancybox and apply necessary.

Mageia has released security update to address vulnerabilities in chromium. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged are review Mageia Security Advisory and apply necessary.

Insyde has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged are review Insyde Security Advisories SA-2023056, SA-2023055 and SA-2023054 and apply necessary.

Advisory No: TZCERT/SA/2023/10/27

Date of First Release: 27^th October 2023

Source: VMware

Software Affected:  VMware vCenter Server and VMware Cloud Foundation

Overview:

Two vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation have been disclosed. These vulnerabilities may lead to out-of-bounds write potentially leading to remote code execution.

Description:

VMware products are affected by multiple flaws that could result into a critical out-of-bound write (CVE-2023-34048) and access to unauthorized data by non-administrative privileged user. Successful exploitation of the critical flaw may allow an attacker to trigger out-of-bound write leading to remote code execution.

Impact:

Successful exploitation of these vulnerabilities may allow the attacker to take control of affected system.

Solution:

VMware has released patches for these vulnerabilities. Users and administrators are encouraged to apply all necessary updates.

References:

1. https://www.vmware.com/security/advisories/VMSA-2023-0023.html
2. https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html

IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review IBM Security Advisories and apply necessary updates.