
security-advisories

Remote Code Execution Vulnerabilities in SolarWinds Access Rights Manager (ARM) (CVE-2024-23469, CVE-2024-23467, CVE-2024-23471)

Advisory No: TZCERT/SA/2024/07/19-3
Date of First Release: 19th July 2024
Source: SolarWinds
Software Affected: SolarWinds Access Rights Manager (ARM)
Overview: Critical vulnerabilities affect SolarWinds ARM. An attacker can leverage the vulnerabilities to execute arbitrary code remotely on the affected device.
Description: SolarWinds Access Rights Manager (ARM) is vulnerable to three …


Critical vulnerabilities in Cisco Secure Email Gateway and Cisco Smart Software Manager On-Prem (CVE-2024-20401, CVE-2024-20419)

Advisory No: TZCERT/SA/2024/07/19-2
Date of First Release: 19th July 2024
Source: Cisco
Software Affected: Cisco Secure Email Gateway, Cisco Smart Software Manager On-Prem
Overview: Two Cisco products are affected by critical vulnerabilities. The vulnerabilities could allow an attacker to execute arbitrary code, or cause a permanent denial of service (DoS) …


Two critical vulnerabilities affecting WordPress (CVE-2024-6220, CVE-2024-6457)

Advisory No: TZCERT/SA/2024/07/19-1
Date of First Release: 19th July 2024
Source: Wordfence
Software Affected: Keydatas, woocommerce-products-filter
Overview: WordPress is vulnerable to two (2) critical vulnerabilities. Exploitation of these vulnerabilities makes remote code execution possible.
Description: Two (2) WordPress plugins, namely Keydatas and woocommerce-products-filter, are affected by the vulnerabilities tracked as CVE-2024-6220 …


Windows crashes due to CrowdStrike Falcon Sensor Update

Advisory No: TZCERT/SA/2024/07/19
Date of First Release: 19th July 2024
Source: CrowdStrike
Software Affected: Windows systems
Overview: CrowdStrike experienced a significant issue due to a faulty update of its Falcon sensor software, which caused numerous Windows systems worldwide to crash and display the Blue Screen of Death (BSOD).
Description: A …


Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Advisory No: TZCERT/SA/2024/07/10-2
Date of First Release: 10th July 2024
Source: Wordfence
Software Affected: osm, iq-testimonials, forms-gutenberg, woo-product-tables
Overview: WordPress is vulnerable to four critical vulnerabilities. Exploitation of these vulnerabilities makes remote code execution possible.
Description: Four WordPress plugins, namely osm, iq-testimonials, forms-gutenberg, and woo-product-tables, are affected by the vulnerabilities …


Critical Vulnerabilities in multiple IBM products (CVE-2024-1597, CVE-2022-46337)

Advisory No: TZCERT/SA/2024/07/10-1
Date of First Release: 10th July 2024
Source: IBM
Software Affected: PostgreSQL JDBC Driver, Apache Derby
Overview: Multiple IBM products depending on PostgreSQL JDBC Driver and Apache Derby are affected by critical vulnerabilities. Attackers can exploit the vulnerabilities to dump critical data or execute arbitrary code.
Description: …


Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

Advisory No: TZCERT/SA/2024/07/04-2
Date of First Release: 4th July 2024
Source: IBM
Software Affected: IBM Observability with Instana (OnPrem)
Overview: WordPress is vulnerable to four critical vulnerabilities. Attackers can leverage the vulnerability to take control of the affected system.
Description: IBM Observability with Instana (OnPrem) is affected by a …


High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

Advisory No: TZCERT/SA/2024/07/04-1
Date of First Release: 4th July 2024
Source: Wordfence
Software Affected: wp-nested-pages, addons-for-elementor and IMGspider
Overview: WordPress is vulnerable to four critical vulnerabilities. Attackers can leverage the vulnerabilities to take control of the affected system.
Description: Three WordPress plugins, namely wp-nested-pages, addons-for-elementor and IMGspider, are affected …


High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)

Advisory No: TZCERT/SA/2024/05/31-2
Date of First Release: 31st May 2024
Source: Hewlett-Packard (HP)
Software Affected: Servers
Overview: HPE ProLiant and HPE Edgeline Servers are vulnerable to multiple high severity vulnerabilities. Attackers can leverage the vulnerabilities to take control of the affected system.
Description: The five high-severity vulnerabilities among other …


Critical Vulnerabilities affecting WordPress (CVE-2024-5522, CVE-2024-5150, CVE-2024-3412)

Advisory No: TZCERT/SA/2024/05/31-1
Date of First Release: 31st May 2024
Source: Wordfence
Software Affected: html5-video-player, login-with-phone-number, wp-staging
Overview: WordPress is vulnerable to three critical vulnerabilities. Attackers can leverage the vulnerabilities to take control of the affected system.
Description: Three WordPress plugins, namely html5-video-player, login-with-phone-number and wp-staging, are affected by the …
