Tanzania Computer Emergency Response Team

TZCERT-SU-24-0009 (WordPress Security Update)

5th January 2024

Wordfence has released security updates to address vulnerabilities in WP Compress, ARForms, LearnPress and DSGVO Compliant. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories wp-compress, arforms, learnpress-4257, learnpress-4257-un and omgf-gdprdsgvo-compliant and apply necessary updates.

TZCERT-SU-24-0008 (Gentoo Linux Security Update)

5th January 2024

Gentoo has released security update to address a vulnerability in joblib. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review Gentoo Security Advisory and apply necessary updates.

TZCERT-SU-24-0007 (Wireshark Security Update)

5th January 2024

Wireshark has released security updates to address vulnerabilities in Wireshark. Exploitation of these vulnerabilities may allow an attacker to make Wireshark crash. Users and administrators are encouraged to review Wireshark Security Advisories wnpa-sec-2024-05, wnpa-sec-2024-04, wnpa-sec-2024-03, wnpa-sec-2024-02 and wnpa-sec-2024-01 and apply necessary updates.

TZCERT-SU-24-0006 (Red Hat Security Update)

2nd January 2024

Red Hat has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Red Hat Security Advisories and apply necessary updates.

TZCERT-SU-24-0005 (MediaTek Security Update)

2nd January 2024

MediaTek has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review MediaTek Security Advisory and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0009 (WordPress Security Update)

TZCERT-SU-24-0008 (Gentoo Linux Security Update)

TZCERT-SU-24-0007 (Wireshark Security Update)

TZCERT-SU-24-0006 (Red Hat Security Update)

TZCERT-SU-24-0005 (MediaTek Security Update)

Subscribe to Receive Regular Updates

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Critical vulnerabilities affecting IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector (CVE-2022-42920, CVE-2023-51385 and CVE-2023-39410)

AIKit 4.14.1 Authenticated SQL Injection (CVE-2024-31370)

Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)

SQL Injection in Bamboo Data Center and Server (CVE-2024-1597)