A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site

Alerts

Veritas Security Update

Veritas has released security updates to address vulnerabilities affecting Veritas InfoScale Operations Manager (VIOM). Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Veritas Security Advisory and apply necessary updates.

Slackware Security Update

Slackware has released security updates to address vulnerabilities affecting netatalk package. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Slackware Security Advisory and apply necessary updates.

IBM Security Update

IBM has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review IBM Security Bulletins dated 3rd May 2023 and apply necessary updates.

Debian Security Update

Debian has released security updates to address a vulnerability in nodejs package. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Debian Security Advisory and apply necessary updates.

Critical Vulnerability in VMware Workstation and Fusion (CVE-2023-20869)

Advisory No: TZCERT/SA/2023/04/28

Date of First Release: 28th April 2023

Source: VMware

Software Affected: VMware Workstation17.x and VMware Fusion 13.x

Overview:

VMware has released patches to address a critical vulnerability affecting VMware Workstation and VMware Fusion. The vulnerability could allow an attacker to take control of affected system.

Description:

VMware Workstation and VMware Fusion are infected with a stack-based buffer-overflow vulnerability in the functionality for sharing host Bluetooth devices with the virtual machine. The vulnerability allows a malicious an actor with local privilege to execute code as virtual machine’s VMX process running on the host. 

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

VMware has released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://www.vmware.com/security/advisories/VMSA-2023-0008.html
  2. https://docs.vmware.com/en/VMware-Fusion/13.0.2/rn/vmware-fusion-1302-release-notes/index.html
  3. https://docs.vmware.com/en/VMware-Workstation-Pro/17.0.2/rn/vmware-workstation-1702-pro-release-notes/index.html