RSS HKCERT

  • Oracle Products Multiple Vulnerabilities July 16, 2025
    Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, denial of service condition, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system. Impact Denial of Service Remote Code Execution Security Restriction Bypass Information Disclosure Elevation of Privilege Data […]
  • Node.js Multiple Vulnerabilities July 16, 2025
    Multiple vulnerabilities have been identified in Node.js. A remote attacker can exploit these vulnerabilities to trigger denial of service condition and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass System / Technologies affected Node.js versions prior to 20.19.4 (LTS) Node.js versions prior to 22.17.1 (LTS) Node.js versions prior to 24.4.1 […]
  • Google Chrome Multiple Vulnerabilities July 16, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system.   Note: CVE-2025-6558 is being exploited in the wild. Incorrect validation of... Impact Remote Code Execution Denial of Service System / Technologies affected Google Chrome prior […]
  • GnuTLS Multiple Vulnerabilities July 14, 2025
    Multiple vulnerabilities were identified in GnuTLS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and sensitive information disclosure on the targeted system. Impact Denial of Service Information Disclosure System / Technologies affected GnuTLS versions prior to 3.8.10 Solutions Before installation of the software, please visit the vendor web-site for […]
  • Apache Products Multiple Vulnerabilities July 14, 2025
    Multiple vulnerabilities were identified in Apache products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, data manipulation and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Data Manipulation System / Technologies affected Apache HTTP Server versions prior to 2.4.64 Apache Tomcat versions […]
  • Palo Alto PAN-OS Multiple vulnerabilities July 11, 2025
    Multiple vulnerabilities were identified in Palo Alto PAN-OS . A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, elevation of privilege and security restriction bypass on the targeted system.   Note: CVE-2024-... Impact Denial of Service Information Disclosure Security Restriction Bypass Elevation of Privilege System / Technologies affected PAN-OS […]
  • Juniper Junos OS Multiple Vulnerabilities July 11, 2025
    Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, denial of service condition, sensitive information disclosure, elevation of privilege and security restriction bypass on the targeted system. Impact Denial of Service Information Disclosure Security Restriction Bypass Elevation of Privilege Spoofing System / Technologies affected Junos OS […]
  • Zoom Products Multiple Vulnerabilities July 10, 2025
    Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger security restriction bypass, denial of service condition and sensitive information disclosure on the targeted system. Impact Denial of Service Information Disclosure Security Restriction Bypass System / Technologies affected Zoom Meeting SDK for Android before version 6.4.5 Zoom Meeting SDK […]
  • Citrix Products Multiple Vulnerabilities July 10, 2025
    Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and elevation of privilege on the targeted system. Impact Elevation of Privilege Information Disclosure System / Technologies affected Citrix Virtual Apps and Desktops versions before 2503  Citrix Virtual Apps and Desktops 2402 LTSR CU2 […]
  • Adobe Monthly Security Update (July 2025) July 9, 2025
    Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe After Effects Medium Risk Denial of Service Information Disclosure   APSB25-49 Substance 3D Viewer Medium Risk ... Impact Remote Code Execution Elevation of Privilege Cross-Site Scripting Security Restriction Bypass Information Disclosure Denial of Service System […]