RSS HKCERT

  • Microsoft Edge Multiple Vulnerabilities January 21, 2025
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system. Impact Denial of Service Elevation of Privilege Remote Code Execution Security Restriction Bypass Information Disclosure System / […]
  • ChromeOS Multiple Vulnerabilities January 20, 2025
    Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, cross-site scripting, data manipulation, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.   Impact Remote Code Execution Information Disclosure Security Restriction Bypass Data Manipulation Cross-Site Scripting Spoofing System / Technologies affected ChromeOS […]
  • [Security Blog] Enhancing Digital Signage Security: Security Findings and Recommendations from the Latest Study January 19, 2025
    Download Full Report: IoT Security Study Report on Digital Signage   In today's digital age, digital <h2><strong>Summary of the Security Study</strong></h2> <p>The security study aimed to identify potential security risks in common digital signage systems and provide security recommendations for digital signage users. The security study involved conducting tests on the selected digital signages, their […]
  • Splunk Products Multiple Vulnerabilities January 17, 2025
    Multiple vulnerabilities were identified in Splunk Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and security restriction bypass on the targeted system. Impact Denial of Service Elevation of Privilege System / Technologies affected Splunk Supporting Add-on for Active Directory version below 3.1.1 Splunk App for […]
  • Zoom Products Multiple Vulnerabilities January 16, 2025
    Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition, data manipulation, elevation of privilege and sensitive information disclosure on the targeted system. Impact Denial of Service Elevation of Privilege Information Disclosure Data Manipulation System / Technologies affected Zoom Jenkins bot plugin before version 1.6 Zoom […]
  • Microsoft Edge Remote Code Execution Vulnerability January 16, 2025
    A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.     Impact Remote Code Execution System / Technologies affected Microsoft Edge Stable Channel version prior to 131.0.2903.146 and 131.0.2903.147 Solutions Before installation of the software, please visit the software vendor web-site […]
  • Ivanti Products Security Restriction Bypass Vulnerability January 16, 2025
    A vulnerability was identified in Ivanti Products. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Impact Security Restriction Bypass System / Technologies affected Ivanti Application Control version 2024.3 and prior Ivanti Application Control version 2024.1 and prior Ivanti Application Control version 2023.3 and prior Ivanti Security Controls […]
  • Microsoft Monthly Security Update (January 2025) January 15, 2025
    Microsoft has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Developer Tools Medium Risk Information Disclosure Remote Code Execution Elevation of Privilege   Windows High Risk Remote Code Execution Information Disclosure Elevation... Impact Elevation of Privilege Security Restriction Bypass Spoofing Information Disclosure Remote Code Execution Denial of Service System […]
  • Adobe Monthly Security Update (January 2025) January 15, 2025
    Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe Photoshop Medium Risk Remote Code Execution   APSB25-02 Substance 3D Stager Medium Risk Remote Code Execution   ... Impact Remote Code Execution System / Technologies affected Photoshop 2025 26.1 and earlier versions Photoshop 2024 25.12 and […]
  • Aruba Remote Code Execution Vulnerability January 15, 2025
    A vulnerability was identified in Aruba. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system. Impact Remote Code Execution System / Technologies affected AOS-10.4.x.x: 10.4.1.4 and below AOS-8.12.x.x: 8.12.0.2 and below AOS-8.10.x.x: 8.10.0.14 and below The following software versions that are End of Maintenance (EoM) are affected by […]