security-advisories

Advisory No: TZCERT/SA/2020/11/26 Date of First Release: 26th November 2020 Source: VMware Software Affected:  VMware Workspace One Access    20.10 (Linux)VMware Workspace One Access    20.01 (Linux)VMware Identity Manager    3.3.3 (Linux)VMware Identity Manager    3.3.2 (Linux)VMware Identity Manager    3.3.1 (Linux)VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows) Overview: The vulnerability …

Advisory No: TZCERT/SA/2020/11/18 Date of First Release: 18th November 2020 Source: CISCO Software Affected: Cisco Security Manager releases 4.21 and earlier. Overview: The vulnerability exists in the Cisco Security Manager device and can allow an unauthenticated, remote attacker to gain access to sensitive information. Description: The vulnerability is caused by improper validation of directory …

Advisory No: TZCERT/SA/2020/11/11 Date of First Release: 11th November 2020 Source: MICROSOFT Software Affected: Windows Operating System Overview: Google has disclosed zero-day vulnerability in Microsoft Windows Kernel that is being exploited alongside with Google Chrome flaw (CVE-2020-15999). Description: This vulnerability is caused by the buffer overflow in the Windows Kernel Cryptography Driver (cng.sys) whereby …

Advisory No: TZCERT/SA/2020/11/11 Date of First Release: 11th November 2020 Source: CISCO Software Affected: AnyConnect Secure Mobility Client for Linux, Windows and macOS Overview: This vulnerability exists in the interprocess communication (IPC) channel of the Cisco AnyConnect Secure Mobility Client Software that could allow an authenticated user to execute code through AnyConnect user. Description: …

Advisory No: TZCERT/SA/2020/09/23 Date of First Release: 23rd September 2020 Source: Microsoft Software Affected:  Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server, version 1903 (Server Core …

Advisory No: TZCERT/SA/2020/09/02 Date of First Release: 2nd September, 2020 Source: CISCO Software Affected: Any Cisco device with an active interface configured with multicast routing and running Cisco IOS XR software. Overview: Cisco has issued a security advisory on multiple vulnerabilities on any CISCO device running IOS XR Software. These vulnerabilities tracked as CVE-2020-3566 …

Advisory No: TZCERT/SA/2020/08/27 Date of First Release: 27th August 2020 Source: MICROSOFT Software Affected: Microsoft Access Products Overview: Current Microsoft Access Products are missing security updates that can cause a remote code execution vulnerability (RCE). The vulnerability may allow an unauthenticated user to run arbitrary code in the context of current user. Description: This …

Advisory No: TZCERT/SA/2018/12/05 Date of First Release: 6 December 2018 Source: Microsoft Software Affected: Team Foundation Server 2018 Update 1.1 Team Foundation Server 2018 Update 3 Team Foundation Server 2018 Update 3.1 Team Foundation Server 2017 Update 3.1 Overview: Multiple vulnerabilities have been identified in Microsoft Team Foundation Server that …

Advisory No: TZCERT/SA/2018/12/05 Date of First Release: 6th December, 2018 Source: PHP, CISCO Software Affected: PHP versions 5.x through 7.1.24 Overview: Potential vulnerability has been discovered in Hypertext Pre-processor (PHP) which can allow a remote attacker to cause denial of service condition on the affected system. Description: It has been …

Advisory No: TZCERT/SA/2018/08/13 Date of First Release: 14th August 2018 Source: Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). Product Affected: The vulnerable Linux Kernel version is 4.9+. However, several Linux distributions have backported some of the networking code from version 4.9 …