RSS HKCERT News

RSS HKCERT

  • Google Chrome Multiple Vulnerabilities February 8, 2023
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, privilege escalation,  security restriction bypass, denial of service and sensitive information disclosure on the targeted system. Impact Remote Code Execution Information Disclosure Denial of Service Elevation of Privilege Security Restriction Bypass System / Technologies affected […]
  • IBM MQ Denial of Service Vulnerability February 7, 2023
    A vulnerability has been identified in IBM MQ. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected IBM MQ 9.2 LTS IBM MQ 9.3 LTS IBM MQ 9.2 CD IBM MQ 9.3 CD Solutions Before installation of the software, […]
  • SUSE Linux Kernel Multiple Vulnerabilities February 7, 2023
    Multiple vulnerabilities were identified in SUSE Linux. A attacker could exploit some of these vulnerabilities to trigger denial of service condition and elevation of privilege on the targeted system.   [Updated on 2023-02-08]  Updated System / Technologies affected, Solutions, Vulnerability Identifier and... Impact Denial of Service Elevation of Privilege System / Technologies affected SUSE Linux […]
  • ChromeOS Multiple Vulnerabilities February 7, 2023
    Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Version prior to LTS-102, 102.0.5005.196 (Platform Version: 14695.1782.0) Solutions Before installation of the software, please […]
  • Android Multiple Vulnerabilities February 7, 2023
    Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system. Impact Denial of Service Elevation of Privilege Information Disclosure System / Technologies affected Android security patch level prior to 2023-02-05 Solutions Before installation of […]
  • OpenSSH Multiple Vulnerabilities February 7, 2023
    Multiple vulnerabilities were identified in OpenSSH. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact Denial of Service Remote Code Execution System / Technologies affected Version prior to OpenSSH 9.1 Solutions Before installation of the software, please visit the vendor web-site […]
  • Microsoft Edge Data Manipulation Vulnerability February 6, 2023
    A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger data manipulation on the targeted system.   Note: Proof Of Concept Exploit Code is Publicly Available for CVE-2023-21720. Impact Data Manipulation System / Technologies affected Microsoft Edge prior to 109.0.1518.78 Solutions Before installation of the software, please visit the […]
  • [Security Blog] How to Mitigate New Cyber Security Risks Arising from the Growing Use of Technology in Industrial Operations February 5, 2023
    In recent years, more enterprises and public utilities are leveraging 5G and Internet of Things (IoT) technologies to connect their industrial operation technology (OT) systems to the information technology (IT) systems or the Internet. This enables the operation data of factory machines...
  • F5 Products Multiple Vulnerabilities February 3, 2023
    Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service and remote code execution on the targeted system.   Impact Denial of Service Remote Code Execution System / Technologies affected BIG-IP 17.0.0 16.1.0 - 16.1.3 15.1.0 - 15.1.8 14.1.0 - 14.1.5 13.1.0 - 13.1.5 […]
  • IBM WebSphere Application Server Remote Code Execution Vulnerability February 2, 2023
    A vulnerability was identified in IBM WebSphere Application Server. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system. Impact Remote Code Execution System / Technologies affected IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Solutions Before installation of the software, please visit the vendor web-site for […]