RSS HKCERT

  • F5 Products Multiple Vulnerabilities April 16, 2025
    Multiple vulnerabilities were identified in F5 Products, attacker can exploit this vulnerability to trigger sensitive information disclosure and denial of service condition on the targeted system.   Note: No patch is currently available for  CVE-2023-42795 and CVE-2024-11187 of... Impact Denial of Service Information Disclosure System / Technologies affected BIG-IP (all modules) 17.5.0 17.1.0 - 17.1.2 16.1.0 […]
  • Google Chrome Multiple Vulnerabilities April 16, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Google Chrome prior to 135.0.7049.95 (Linux) Google Chrome prior to 135.0.7049.95/.96 (Mac) Google Chrome prior to 135.0.7049.95/.96 (Windows) […]
  • Oracle Products Multiple Vulnerabilities April 16, 2025
    Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, denial of service condition, remote code execution, sensitive information disclosure, data manipulation, cross-site scripting and security restriction bypass on... Impact Denial of Service Remote Code Execution Security Restriction Bypass Information Disclosure Elevation of Privilege Data Manipulation […]
  • Debian Linux Kernel Multiple Vulnerabilities April 14, 2025
    Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.   Impact Elevation of Privilege Information Disclosure Denial of Service System / Technologies affected Debian bookworm versions prior to 6.1.133-1. Solutions Before installation of […]
  • Juniper Junos OS Multiple Vulnerabilities April 11, 2025
    Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system. Impact Remote Code Execution Denial of Service Information Disclosure System / Technologies affected Junos OS Junos OS Evolved Please refer to the […]
  • GitLab Multiple Vulnerabilities April 11, 2025
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, sensitive information disclosure and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Information Disclosure Spoofing System / Technologies affected GitLab Community Edition (CE) versions prior to 17.10.4, […]
  • Palo Alto Products Multiple Vulnerabilities April 10, 2025
    Multiple vulnerabilities were identified in Palo Alto Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.   Note: Proof Of Concept exploit... Impact Remote Code Execution Denial of Service Security Restriction Bypass Information […]
  • Fortinet Products Multiple Vulnerabilities April 9, 2025
    Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, sensitive information disclosure, security restriction bypass, data manipulation, denial of service and spoofing on the targeted system.... Impact Remote Code Execution Information Disclosure Security Restriction Bypass Data Manipulation Spoofing Denial of Service Elevation […]
  • Aruba Products Multiple Vulnerabilities April 9, 2025
    Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit this vulnerability to trigger cross-site scripting, sensitive information disclosure, data manipulation and remote code execution on the targeted system. Impact Remote Code Execution Data Manipulation Information Disclosure Cross-Site Scripting System / Technologies affected HPE Aruba Networking:   Access Points running AOS-8 Instant Access Points […]
  • Adobe Monthly Security Update (April 2025) April 9, 2025
    Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe ColdFusion Medium Risk Information Disclosure Remote Code Execution Security Restriction Bypass   APSB25-15 Adobe After Effects ... Impact Remote Code Execution Information Disclosure Denial of Service Elevation of Privilege Security Restriction Bypass System / Technologies […]