RSS HKCERT News

RSS HKCERT

  • GitLab Security Restriction Bypass Vulnerability September 20, 2023
    A vulnerability was identified in GitLab. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Impact Security Restriction Bypass System / Technologies affected GitLab Community Edition (CE) versions starting from 16.3 and prior to 16.3.4 GitLab Enterprise Edition (EE) versions starting from 13.12 and prior to 16.2.7 Solutions […]
  • Microsoft Edge Multiple Vulnerabilities September 18, 2023
    Multiple vulnerabilities were identified in Microsoft Edge.  A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and security restriction bypass on the targeted system.   Note: For CVE-2023-4863, ... Impact Denial of Service Elevation of Privilege Remote Code Execution Security Restriction Bypass System / […]
  • SUSE Linux Kernel Multiple Vulnerabilities September 15, 2023
    Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, security restriction bypass, denial of service condition, sensitive information disclosure, remote code execution and elevation of privilege on the targeted system.   [Updated... Impact Remote Code Execution Elevation of Privilege Information Disclosure Denial of Service Security […]
  • Cisco Products Multiple Vulnerabilities September 15, 2023
    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and data manipulation on the targeted system. Impact Denial of Service Remote Code Execution Security Restriction Bypass Data Manipulation System / Technologies affected 8000 Series Routers ASR […]
  • Mozilla Products Remote Code Execution Vulnerability September 13, 2023
    A vulnerability was identified in Mozilla Products, a remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.   Note: For CVE-2023-4863, heap buffer overflow in WebP may lead to arbitrary code execution. It is aware that... Impact Remote Code Execution System / Technologies affected Versions prior to: Firefox 117.0.1 […]
  • Microsoft Monthly Security Update (September 2023) September 13, 2023
    Microsoft has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Browser Low Risk     Windows High Risk Elevation of Privilege Denial of Service Information Disclosure Remote Code Execution Security Restriction Bypass CVE... Impact Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Spoofing Security Restriction Bypass […]
  • ChromeOS Multiple Vulnerabilities September 13, 2023
    Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system. Impact Remote Code Execution Denial of Service Information Disclosure System / Technologies affected Version prior to 108.0.5359.242 (Platform version: 15183.105.0) Solutions Before installation […]
  • Adobe Monthly Security Update (September 2023) September 13, 2023
    Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe Connect Medium Risk Cross-site Scripting Remote Code Execution   APSB23-33 Adobe Acrobat and Reader Extremely... Impact Remote Code Execution Cross-Site Scripting System / Technologies affected Adobe Connect 12.3  and earlier versions Acrobat DC 23.003.20284 and […]
  • Google Chrome Remote Code Execution Vulnerability September 12, 2023
    Multiple vulnerabilities were identified in Google Chrome.  A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and security restriction bypass on the targeted system.   Note: For CVE-2023-4863, ... Impact Denial of Service Elevation of Privilege Remote Code Execution Security Restriction Bypass System / […]
  • Notepad++ Multiple Vulnerabilities September 11, 2023
    Multiple vulnerabilities were identified in Notepad++. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system. Impact Information Disclosure Remote Code Execution System / Technologies affected Notepad++ version prior to 8.5.7   Solutions Before installation of the software, please visit the vendor web-site […]