RSS HKCERT

  • Erlang/OTP Remote Code Execution Vulnerability April 23, 2025
    A vulnerability has been identified in Erlang/OTP.  A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.   Note: Proof Of Concept exploit code is publicly available for CVE-2025-32433. The vulnerability allows for unauthenticated remote... Impact Remote Code Execution System / Technologies affected Versions equal or prior to OTP-27.3.2 […]
  • Microsoft Edge Multiple Vulnerabilities April 22, 2025
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system.   Impact Remote Code Execution Denial of Service System / Technologies affected Microsoft Edge version prior to 135.0.3179.85 Solutions Before installation of the software, please […]
  • SonicWall Products Remote Code Execution Vulnerability April 22, 2025
    A vulnerability was identified in SonicWall Products.  A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.   Note: Exploit in the wild has been detected for CVE-2021-20035 that allows remote code execution in certain... Impact Remote Code Execution System / Technologies affected SonicWall SMA 100 Series (SMA 200, SMA 210, SMA […]
  • F5 Products Denial of Service Vulnerability April 22, 2025
    A vulnerability was identified in F5 Products, a remote attacker could exploit this vulnerabilities to trigger denial of service on the targeted system.   Note: No patch is currently available for  CVE-2025-26466 of the affected products. Hence, the risk... Impact Denial of Service System / Technologies affected BIG-IP Next (all modules) version 20.2.0 - 20.3.0 BIG-IP Next […]
  • Cisco Products Multiple Vulnerabilities April 22, 2025
    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and remote code execution on the targeted system. Impact Remote Code Execution Information Disclosure System / Technologies affected Cisco Webex App Release 44.6 and 44.7 Cisco Secure Network Analytics Release 7.5.0, 7.5.1 and 7.5.2 […]
  • ChromeOS Multiple Vulnerabilities April 21, 2025
    Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, spoofing, elevation of privilege and denial of service condition on the targeted system. Impact Security Restriction Bypass Denial of Service Spoofing Elevation of Privilege System / Technologies affected ChromeOS version 16209.50.0 (Browser version 135.0.7049.104) Solutions Before installation of […]
  • Mozilla Products Multiple Vulnerabilities April 17, 2025
    Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger spoofing and information disclosure on the targeted system. Impact Spoofing Information Disclosure System / Technologies affected Versions prior to:   Firefox 137.0.2 Thunderbird 137.0.2 Thunderbird ESR 128.9.2 Solutions Before installation of the software, please visit the vendor […]
  • Apple Products Multiple Vulnerabilities April 17, 2025
    Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.   [Updated on 2025-04-22]  Updated Source and Related Links.   Note: The vulnerability CVE... Impact Remote Code Execution Security Restriction Bypass System / Technologies affected Versions […]
  • F5 Products Multiple Vulnerabilities April 16, 2025
    Multiple vulnerabilities were identified in F5 Products, attacker can exploit this vulnerability to trigger sensitive information disclosure and denial of service condition on the targeted system.   Note: No patch is currently available for  CVE-2023-42795 and CVE-2024-11187 of... Impact Denial of Service Information Disclosure System / Technologies affected BIG-IP (all modules) 17.5.0 17.1.0 - 17.1.2 16.1.0 […]
  • Google Chrome Multiple Vulnerabilities April 16, 2025
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Google Chrome prior to 135.0.7049.95 (Linux) Google Chrome prior to 135.0.7049.95/.96 (Mac) Google Chrome prior to 135.0.7049.95/.96 (Windows) […]