RSS HKCERT

  • Apple Products Multiple Vulnerabilities November 20, 2024
    Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and cross-site scripting on the targeted system.   Note: CVE-2024-44308 and CVE-2024-44309 are actively exploited... Impact Remote Code Execution Cross-Site Scripting System / Technologies affected Versions prior to macOS Sequoia 15.1.1 Versions prior to iOS 17.7.2 and iPadOS […]
  • Google Chrome Denial of Service Vulnerability November 20, 2024
    A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected Google Chrome prior to 131.0.6778.85 (Linux) Google Chrome prior to 131.0.6778.85/.86 (Mac) Google Chrome prior to 131.0.6778.85/.86 (Windows) Solutions Before installation of the software, please visit the […]
  • Palo Alto PAN-OS Multiple vulnerabilities November 19, 2024
    Multiple vulnerabilities were identified in Palo Alto PAN-OS. A remote user could exploit these vulnerabilities to trigger elevation of privilege and security restriction bypass on the targeted system.   Note: CVE-2024-0012 and CVE-2024-9474 are actively exploited in... Impact Elevation of Privilege Security Restriction Bypass System / Technologies affected PAN-OS 10.1 versions earlier than PAN-OS 10.1.14-h6 PAN-OS 10.2 […]
  • Apache Tomcat Multiple Vulnerabilities November 19, 2024
    Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, cross-site scripting and information disclosure on the targeted system. Impact Security Restriction Bypass Information Disclosure Cross-Site Scripting System / Technologies affected Apache Tomcat 11.0.0 Apache Tomcat 11.0.0-M1 to 11.0.0-M26 Apache Tomcat 10.1.31 Apache Tomcat version 10.1.0-M1 […]
  • Ruckus Products Remote Code Execution Vulnerability November 18, 2024
    A vulnerability was identified in Ruckus Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.   Impact Remote Code Execution System / Technologies affected RUCKUS H350 RUCKUS H550 RUCKUS R350 RUCKUS R350e RUCKUS R670 RUCKUS T350c RUCKUS T350d RUCKUS T350se RUCKUS T670 Ruckus Q410 Ruckus Q710 Ruckus Q910 […]
  • Palo Alto PAN-OS Multiple vulnerabilities November 15, 2024
    Multiple vulnerabilities were identified in Palo Alto PAN-OS. A remote user could exploit these vulnerabilities to trigger cross-site scripting, remote code execution, denial of service, sensitive information disclosure, and security restriction bypass on the targeted system. Impact Cross-Site Scripting Remote Code Execution Denial of Service Information Disclosure Security Restriction Bypass System / Technologies affected PAN-OS […]
  • Microsoft Edge Multiple Vulnerabilities November 15, 2024
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, security restriction bypass and remote code execution on the targeted system. Impact Security Restriction Bypass Remote Code Execution Information Disclosure System / Technologies affected Microsoft Edge (Stable) version prior to 131.0.2903.48 Solutions Before installation of the […]
  • Ivanti Products Multiple Vulnerabilities November 15, 2024
    Multiple vulnerabilities have been identified in Ivanti Products. A remote attacker could exploit these vulnerability to trigger denial of service condition, remote code execution, elevation of privilege, data manipulation and sensitive information disclosure on the targeted system. Impact Denial of Service Remote Code Execution Information Disclosure Elevation of Privilege Data Manipulation System / Technologies affected […]
  • GitLab Multiple Vulnerabilities November 15, 2024
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit these vulnerabilities to trigger denial of service, cross-site scripting, remote code execution, security restriction bypass, and sensitive information disclosure on the targeted system. Impact Denial of Service Cross-Site Scripting Remote Code Execution Security Restriction Bypass Information Disclosure System / Technologies affected GitLab Community Edition […]
  • Fortinet Products Multiple Vulnerabilities November 15, 2024
    Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, security restriction bypass, data manipulation, and elevation of privilege on the targeted system.   Impact Remote Code Execution Information Disclosure Security Restriction Bypass Data Manipulation Elevation of Privilege System / Technologies […]