Tanzania Computer Emergency Response Team

TZCERT-SU-24-0193 (Chrome Security Update)

22nd February 2024

Google has released security updates to address vulnerabilities in ChromeOS, Chrome for Android and Chrome for desktop. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Security Advisories chromeOS-update, chrome-for-android and chrome-for-desktop and apply necessary updates.

TZCERT-SU-24-0192 (cPanel Security Update)

22nd February 2024

cPanel has released security update to address vulnerabilities in NodeJS 18 and 20. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review cPanel Security Advisory and apply necessary updates.

Critical Vulnerability in WordPress Bricks Plug-in (CVE-2024-25600)

22nd February 2024

Advisory No: TZCERT/SA/2024/02/22 Date of First Release: 22nd February 2024 Source: WordPress plugin Bricks Builder Software Affected: Bricks Builder versions 1.9.6 and earlier Overview: WordPress has released security updates to address a critical vulnerability (CVE-2024-25600) impacting their Bricks Builder Plug-in. Successful exploitation of the vulnerability may allow an attacker to …

TZCERT-SU-24-0191 (Oracle Linux Security Update)

21st February 2024

Oracle has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Oracle Security Advisories dated Oracle Linux Security Advisories dated 19th February 2024 and apply necessary updates.

TZCERT-SU-24-0190 (SUSE Security Update)

21st February 2024

SUSE has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review SUSE Security Advisories dated 19th February 2024 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0193 (Chrome Security Update)

TZCERT-SU-24-0192 (cPanel Security Update)

Critical Vulnerability in WordPress Bricks Plug-in (CVE-2024-25600)

TZCERT-SU-24-0191 (Oracle Linux Security Update)

TZCERT-SU-24-0190 (SUSE Security Update)

Subscribe to Receive Regular Updates

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Critical vulnerabilities affecting IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector (CVE-2022-42920, CVE-2023-51385 and CVE-2023-39410)

AIKit 4.14.1 Authenticated SQL Injection (CVE-2024-31370)

Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)

SQL Injection in Bamboo Data Center and Server (CVE-2024-1597)