Ushauri wa Kiusalama

Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
Imechapishwa: Feb 15, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/02/15
Muhtasari:
The vulnerability (CVE-2024-21410, CVSS score: 9.8) results in NTLM cr...
Read more
IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework (CVE-2023-20883 and CVE-2016-1000027)
Imechapishwa: Feb 08, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/02/08-2
Muhtasari:
The vulnerabilities with CVEID CVE-2016-1000027 and CVE-2023-20883 res...
Read more
Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255)
Imechapishwa: Feb 08, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/02/08-1
Muhtasari:
Following insufficient CSRF protection for the web-based management in...
Read more
Unified CM and Unity Connection remote code execution and file upload vulnerabilities (CVE-2024-20253 and CVE-2024-20272)
Imechapishwa: Feb 02, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/02/02
Muhtasari:
CVE-2024-20253 is resulting from the improper processing of user-provi...
Read more
Apple WebKit Zero-Day vulnerability (CVE-2024-23222)
Imechapishwa: Jan 25, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/01/24
Muhtasari:
The vulnerability (CVE-2024-23222, CVSS score: 7.5) is a type of confu...
Read more
GitLab Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE)
Imechapishwa: Jan 15, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/01/15
Muhtasari:
The vulnerability (CVE-2023-7028, CVSS score: 10) is caused by a fault...
Read more
Ivanti VPN Zero-Day Vulnerability (CVE-2024-21887 and CVE-2023-46805)
Imechapishwa: Jan 15, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/01/15
Muhtasari:
CVE-2024-21887 (CVSS score of 9.1) is a command injection vulnerabilit...
Read more
Juniper Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution (CVE-2024-21591)
Imechapishwa: Jan 15, 2024 (tokea mwaka 1)
Reference No: TZCERT/SA/2024/01/15
Muhtasari:
This is caused by the Out-of-bounds Write vulnerability in J-Web of Ju...
Read more
Postfix: SMTP smuggling vulnerability (CVE-2023-51764) - CVE-2023-51764)
Imechapishwa: Jan 08, 2024 (tokea miaka 2)
Reference No: TZCERT/SA/2023/01/08
Muhtasari:
By exploiting interpretation differences of the SMTP protocol, it is p...
Read more

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio