Tanzania Computer Emergency Response Team

GitLab has released security updates to address vulnerabilities in in GitLab prior to version 16.11. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review GitLab Released and apply necessary updates.

MongoDB has released security updates to address vulnerabilities in multiple versions of MongoDB. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review MongoBD Alert and apply necessary updates.

Advisory No: TZCERT/SA/2024/04/19 Date of First Release: 19th April 2024 Source: Hewlett Packard Enterprise (HPE) Software Affected: HPE Compute Scale-up Server 3200, HPE Superdome Flex 280 Server and HPE Superdome Flex Server Overview: Three HPE products are affected by the critical vulnerability. The vulnerability may allow an attacker to execute …

Advisory No: TZCERT/SA/2024/04/15 Date of First Release: 15th April 2024 Source: Palo Alto Software Affected: PAN-OS versions 10.2, 11.0, and 11.1 Overview: Palo Alto’s PAN-OS is affected by the critical command injection vulnerability. The vulnerabilities may allow an attacker to execute arbitrary code with root privileges on the firewall. Description: …

Advisory No: TZCERT/SA/2024/04/12-2 Date of First Release: 12th April 2024 Source: IBM Software Affected: IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector Overview: IBM products are affected by the critical arbitrary command execution. The vulnerabilities may allow an attacker to remote codes on the affected system. …