RSS HKCERT

  • Google Chrome Multiple Vulnerabilities May 28, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, data manipulation and remote code execution on the targeted system. Impact Denial of Service Remote Code Execution Information Disclosure Data Manipulation System / Technologies affected Google Chrome prior to 137.0.7151.55 (Linux) Google […]
  • Mozilla Products Multiple Vulnerabilities May 28, 2025
    Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution,  denial of service condition, security restriction bypass and sensitive information disclosure on the targeted system. Impact Information Disclosure Remote Code Execution Denial of Service Security Restriction Bypass System / Technologies affected Versions prior to:   Thunderbird […]
  • Debian Linux Kernel Multiple Vulnerabilities May 27, 2025
    Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system. Impact Elevation of Privilege Information Disclosure Denial of Service System / Technologies affected Debian bookworm versions prior to 6.1.140-1 Solutions Before installation of the […]
  • OpenSSL Security Restriction Bypass Vulnerability May 23, 2025
    A vulnerability was identified in OpenSSL. A remote attacker could exploit this vulnerability to trigger security restriction bypass. Impact Security Restriction Bypass System / Technologies affected OpenSSL version 3.5 Solutions Before installation of the software, please visit the software manufacturer web-site for more details.   For version 3.5, upgrade to version 3.5.1
  • ModSecurity Denial of Service Vulnerability May 23, 2025
    A vulnerability was identified in ModSecurity. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected ModSecurity version 2.9.8 Solutions Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: […]
  • Cisco Products Multiple Vulnerabilities May 23, 2025
    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting and data manipulation on the targeted system. Impact Data Manipulation Cross-Site Scripting System / Technologies affected Cisco Webex Cisco Webex Meetings Solutions Before installation of the software, please visit the vendor web-site for more details. […]
  • Google Chrome Multiple Vulnerabilities May 22, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.   [Updated on 2025-05-26] Updated Impact and Description. Impact Denial of Service Remote Code Execution System / Technologies affected Google Chrome prior to 137.0.7151.40/.41 (Mac) Google Chrome […]
  • GitLab Multiple Vulnerabilities May 22, 2025
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Information Disclosure System / Technologies affected GitLab Community Edition (CE) versions prior to 18.0.1, 17.11.3, and 17.10.7 […]
  • VMWare Products Multiple Vulnerabilities May 21, 2025
    Multiple vulnerabilities were identified in VMware products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, remote code execution and denial of service condition on the targeted system. Impact Cross-Site Scripting Denial of Service Remote Code Execution System / Technologies affected vCenter Server 8.0 vCenter Server 7.0 VMware ESXi 8.0 VMware ESXi […]
  • Microsoft Edge Multiple Vulnerabilities May 19, 2025
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and remote code execution on the targeted system.   Note: CVE-2025-4664 is being exploited in the wild. The vulnerability assigned to this... Impact Remote Code Execution Information Disclosure System / Technologies affected Microsoft Edge […]