RSS HKCERT

  • Microsoft Edge Multiple Vulnerabilities May 19, 2025
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and remote code execution on the targeted system.   Note: CVE-2025-4664 is being exploited in the wild. The vulnerability assigned to this... Impact Remote Code Execution Information Disclosure System / Technologies affected Microsoft Edge […]
  • IBM WebSphere Products Multiple Vulnerabilities May 19, 2025
    Multiple vulnerabilities were identified in IBM WebSphere Products. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation and sensitive information disclosure on the targeted system. Impact Data Manipulation Information Disclosure System / Technologies affected IBM WebSphere Application Server 9.0 IBM WebSphere Application Server 8.5 Solutions Before installation of the software, please visit […]
  • Mozilla Firefox Multiple Vulnerabilities May 19, 2025
    Multiple vulnerabilities were identified in Mozilla Firefox. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and information disclosure on the targeted system. Impact Denial of Service Remote Code Execution Information Disclosure System / Technologies affected Versions prior to:   Firefox ESR 128.10.1 Firefox ESR 115.23.1 […]
  • SonicWall Products Security Restriction Bypass Vulnerability May 16, 2025
    A vulnerability was identified in SonicWall Products.  A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.   Impact Security Restriction Bypass System / Technologies affected SonicWall SMA 1000 Series 12.4.3-02925 (platform-hotfix) and earlier versions Solutions Before installation of the software, please visit the vendor web-site for more details.   […]
  • Palo Alto Products Multiple Vulnerabilities May 16, 2025
    Multiple vulnerabilities were identified in Palo Alto Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, elevation of privilege,  cross-site scripting and security restriction bypass on the targeted system.... Impact Remote Code Execution Denial of Service Security Restriction Bypass Information Disclosure Cross-Site Scripting […]
  • Mozilla Products Multiple Vulnerabilities May 16, 2025
    Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and spoofing on the targeted system. Impact Security Restriction Bypass Spoofing System / Technologies affected Versions prior to:   Thunderbird 138.0.1 Thunderbird 128.10.1 Solutions Before installation of the software, please visit the vendor web-site […]
  • Zoom Products Multiple Vulnerabilities May 15, 2025
    Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition and elevation of privilege on the targeted system. Impact Denial of Service Elevation of Privilege System / Technologies affected Zoom Workplace Desktop App for Windows before version 6.4.0 Zoom Workplace Desktop App for macOS before […]
  • Node.js Multiple Vulnerabilities May 15, 2025
    Multiple vulnerabilities have been identified in Node.js. A remote attacker can exploit these vulnerabilities to trigger denial of service condition and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass System / Technologies affected Node.js versions prior to 20.19.2 (LTS) Node.js versions prior to 22.15.1 (LTS) Node.js versions prior to 23.11.1 […]
  • Google Chrome Multiple Vulnerabilities May 15, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and remote code execution on the targeted system.   Note: CVE-2025-4664 is being exploited in the wild, insufficient policy enforcement in Loader... Impact Information Disclosure Remote Code Execution System / Technologies affected Google Chrome […]
  • Adobe Monthly Security Update (May 2025) May 14, 2025
    Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe Lightroom Medium Risk Remote Code Execution   APSB25-29 Adobe Dreamweaver Medium Risk Remote Code Execution   APSB25... Impact Remote Code Execution Denial of Service Information Disclosure Elevation of Privilege Cross-Site Scripting System / Technologies affected […]