RSS HKCERT

  • Microsoft Edge Denial of Service Vulnerability May 9, 2025
    A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.   Impact Denial of Service System / Technologies affected Microsoft Edge version prior to 136.0.3240.64 Solutions Before installation of the software, please visit the software vendor web-site for more details. Apply […]
  • GitLab Multiple Vulnerabilities May 9, 2025
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass System / Technologies affected GitLab Community Edition (CE) versions prior to 17.11.2, 17.10.6, and 17.9.8 GitLab Enterprise Edition (EE) […]
  • Cisco Products Multiple Vulnerabilities May 9, 2025
    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and data manipulation on the targeted system. Impact Denial of Service Elevation of Privilege Remote Code Execution Security Restriction Bypass Information […]
  • Samsung Products Multiple Vulnerabilities May 8, 2025
    Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.   Note: There are indications that CVE-2025-... Impact Remote Code Execution Denial of Service Elevation of Privilege Information Disclosure […]
  • Ubuntu Linux Kernel Multiple Vulnerabilities May 7, 2025
    Multiple vulnerabilities were identified in Ubuntu Linux Kernel. An attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system.   [Updated on 2025-05-09... Impact Denial of Service Elevation of Privilege Remote Code Execution Information Disclosure Data […]
  • Google Chrome Denial of Service Vulnerability May 7, 2025
    A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected Google Chrome prior to 136.0.7103.92 (Linux) Google Chrome prior to 136.0.7103.92/.93 (Mac) Google Chrome prior to 136.0.7103.92/.93 (Windows) Solutions Before installation of the software, please visit the […]
  • Android Multiple Vulnerabilities May 7, 2025
    Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.   Note: There are indications that CVE-2025-27363... Impact Remote Code Execution Denial of Service Elevation of Privilege Information Disclosure System […]
  • SUSE Linux Kernel Multiple Vulnerabilities May 6, 2025
    Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and elevation of privilege on the targeted system.   [Updated on 2025-05-09] Updated System / Technologies affected... Impact Denial of Service Remote Code Execution Elevation of Privilege System / […]
  • RedHat Linux Kernel Multiple Vulnerabilities May 2, 2025
    Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.   [Updated on 2025-05... Impact Denial of Service Information Disclosure Security Restriction Bypass Data Manipulation Remote Code […]
  • Malware Alert - Retailers Targeted by Ransomware Attacks from Scattered Spider Threat Actor Group May 2, 2025
    Solutions HKCERT recommends that users should:   Implement phishing-resistant MFA and educate users on recognizing social engineering and phishing attempts. Enforce least privilege access policies to limit unauthorized access. Implement continuous monitoring for logins and regularly audit privileged accounts. Maintain offline and encrypted backups. Deploy email filtering tools and implement network segmentation. Update software and […]