RSS HKCERT

  • Microsoft Edge Remote Code Execution Vulnerability November 14, 2025
    A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger denial of service condition and remote code execution on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Microsoft Edge version prior to 142.0.3595.80 Solutions Before installation of the software, please visit the software vendor […]
  • Phishing Alert - Beware of Fake "eTraffic Ticket Platform" and "HKeToll" Websites Requesting Personal Information November 14, 2025
    Solutions HKCERT urges the public to increase their awareness of cybersecurity and recommends that Internet users should: If you have provided personal information to these websites, call 18222 to contact the Anti-Deception Coordination Centre of the Hong Kong Police Force. For inquiries about the eTraffic Ticket Platform, call 181 181. For inquiries about HKeToll, call […]
  • Mozilla Firefox Multiple Vulnerabilities November 13, 2025
    Multiple vulnerabilities were identified in Mozilla Firefox. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and security restriction bypass on the targeted system. Impact Denial of Service Remote Code Execution Spoofing Security Restriction Bypass System / Technologies affected Versions prior to:   Firefox ESR […]
  • GitLab Multiple Vulnerabilities November 13, 2025
    Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, elevation of privilege, denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Information Disclosure Elevation of Privilege Cross-Site Scripting System / Technologies affected […]
  • ChromeOS Multiple Vulnerabilities November 13, 2025
    Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, remote code execution, denial of service condition and sensitive information disclosure on the targeted system. Impact Remote Code Execution Denial of Service Information Disclosure Security Restriction Bypass System / Technologies affected ChromeOS versions prior to 16433.41.0 (Browser version […]
  • Apache OpenOffice Multiple Vulnerabilities November 13, 2025
    Multiple vulnerabilities were identified in Apache OpenOffice. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing and sensitive information disclosure on the targeted system. Impact Denial of Service Spoofing Information Disclosure System / Technologies affected Apache OpenOffice versions prior to 4.1.16 Solutions Before installation of the software, please […]
  • Palo Alto PAN-OS Denial Of Service Vulnerability November 12, 2025
    A vulnerability was identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected PAN-OS 10.2 versions >= 10.2.4-h25, >= 10.2.7-h11, < 10.2.7-h24, >= 10.2.8-h10, < 10.2.8-h21, >= 10.2.9-h6, < 10.2.9-h21, >= 10.2.10-h2, < 10.2.10-h14, < 10.2.11-h12,< 10.2.12-h6, […]
  • SAP Products Multiple Vulnerabilities November 12, 2025
    Multiple vulnerabilities were identified in SAP Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system. Impact Remote Code Execution Denial of Service Information Disclosure Elevation of Privilege Data Manipulation System / Technologies […]
  • Google Chrome Remote Code Execution Vulnerability November 12, 2025
    A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger denial of service condition and remote code execution on the targeted system.   [Updated on 2025-11-13] Updated System / Technologies affected, Solutions and Related Links. Impact Remote Code Execution Denial of Service System / Technologies affected Google Chrome prior to […]
  • GitHub Enterprise Server Multiple Vulnerabilities November 12, 2025
    Multiple vulnerabilities were identified in GitHub Enterprise Server. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and cross-site scripting on the targeted system.   Note: Proof of Concept exploit code Is publicly available for CVE-... Impact Remote Code Execution Elevation of Privilege Cross-Site Scripting System / […]