RSS HKCERT

  • Google Chrome Multiple Vulnerabilities June 18, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service and remote code execution on the targeted system. Impact Denial of Service Remote Code Execution System / Technologies affected Google Chrome prior to 137.0.7151.119 (Linux) Google Chrome prior to 137.0.7151.119/.120 (Mac) Google Chrome prior to 137.0.7151.119/.120 (Windows) Solutions […]
  • Citrix Products Multiple Vulnerabilities June 18, 2025
    Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and sensitive information disclosure on the targeted system.     Impact Security Restriction Bypass Information Disclosure System / Technologies affected NetScaler ADC and NetScaler Gateway 14.1 before  14.1-43.56 NetScaler ADC and NetScaler Gateway 13.1 […]
  • Apache Tomcat Multiple Vulnerabilities June 18, 2025
    Multiple vulnerabilities were identified in Apache Tomcat. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and denial of service condition on the targeted system. Impact Denial of Service Security Restriction Bypass System / Technologies affected Apache Tomcat version 9.0.0.M1 to 9.0.105 Apache Tomcat version 10.1.0-M1 to 10.1.41 Apache Tomcat version 11.0.0-M1 to 11.0.7 Solutions Before […]
  • TP-Link Router Remote Code Execution Vulnerability June 17, 2025
    A vulnerability was identified in TP-Link router. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system. Impact Remote Code Execution System / Technologies affected TP-Link TL-WR740N V1/V2 TP-Link TL-WR841N V8/V10 TP-Link TL-WR940N V2/V4     Solutions The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue affected […]
  • Microsoft Edge Multiple Vulnerabilities June 16, 2025
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Microsoft Edge version prior to 137.0.3296.83 Solutions Before installation of the software, please visit […]
  • Apple Products Security Restriction Bypass Vulnerability June 16, 2025
    A vulnerability was identified in Apple Products. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.   Note: For CVE-2025-43200, a logic issue existed when processing a maliciously crafted photo or video shared via an iCloud... Impact Security Restriction Bypass System / Technologies affected Versions prior to iOS 18.3.1 […]
  • Palo Alto Products Multiple Vulnerabilities June 13, 2025
    Multiple vulnerabilities were identified in Palo Alto Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, elevation of privilege and security restriction bypass on the targeted system.   Impact Elevation of Privilege Information Disclosure Security Restriction Bypass System / Technologies affected PAN-OS 10.1 versions earlier than PAN-OS 10.1.14-h16 PAN-OS 10.2 […]
  • GitLab Multiple Vulnerabilities June 13, 2025
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, sensitive information disclosure, denial of service condition and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Information Disclosure Cross-Site Scripting System / Technologies affected GitLab Community Edition (CE) versions prior to […]
  • Trend Micro Products Multiple Vulnerabilities June 12, 2025
    Multiple vulnerabilities were identified in Trend Micro Products. An attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and data manipulation on the targeted system.   Impact Elevation of Privilege Remote Code Execution Data Manipulation System / Technologies affected Trend Micro Apex One - 2019 (On-prem) Trend Micro Apex […]
  • SAP Business One Security Restriction Bypass Vulnerability June 12, 2025
    A vulnerability was identified in SAP Business One. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Impact Security Restriction Bypass System / Technologies affected SAP Business One Integration Framework Versions – B1_ON_HANA 10.0, SAP-M-BO 10.0 Solutions Before installation of the software, please visit the vendor web-site for more […]