Tanzania Computer Emergency Response Team

TZCERT-SU-24-0097 (Dell Security Update)

26th January 2024

Dell has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Dell Security Advisories dsa-2024-058, dsa-2024-059 and dsa-2023-409 and apply necessary updates.

TZCERT-SU-24-0096 (SUSE Security Update)

26th January 2024

SUSE has released security updates to address vulnerabilities in xorg-x11-server, Apache-parent and Firefox. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review SUSE Security Advisories suse-su-20240236-1, suse-su-20240224-1 and suse-su-20240228-1 and apply necessary updates.

TZCERT-SU-24-0095 (Drupal Security Update)

26th January 2024

Drupal has released security updates to address vulnerabilities in Swift mailer, Open Social and TFA. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Drupal Security Advisories sa-contrib-2024-006, sa-contrib-2024-005 and sa-contrib-2024-003 and apply necessary updates.

TZCERT-SU-24-0094 (Oracle Linux Security Update)

26th January 2024

Oracle has released security updates to address vulnerabilities in rpm, tomcat, sqlite, openssl, python-urllib, php and python. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Oracle Linux Security Advisories ELSA-2024-0463, ELSA-2024-0474, ELSA-2024-0465, ELSA-2024-12093, ELSA-2024-0464, ELSA-2024-0387 and ELSA-2024-0466 …

TZCERT-SU-24-0093 (HP Security Update)

26th January 2024

Hewlett-Packard has released security updates to address vulnerabilities in HPE OneView and Qualcomm WLAN. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisories hpesbgn04586 and hpsbhf03908 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0097 (Dell Security Update)

TZCERT-SU-24-0096 (SUSE Security Update)

TZCERT-SU-24-0095 (Drupal Security Update)

TZCERT-SU-24-0094 (Oracle Linux Security Update)

TZCERT-SU-24-0093 (HP Security Update)

Subscribe to Receive Regular Updates

Remote code vulnerabilities in Xiaomi Pro 13 smartphone (CVE-2024-4406, CVE-2024-4405, CVE-2023-26322)

All-in-One Video Gallery Plugin Authenticated Arbitrary File Upload vulnerability (CVE-2024-4033)

Code Execution Vulnerability on NVIDIA Triton Inference Server for Linux (CVE-2024-0087)

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)