CSIRT - National Cybersecurity Emergency Responce Team
Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Juniper has released security updates to address multiple vulnerabilities in Junos OS, Junos OS Evolved, Paragon Active Assurance and Junos OS: EX4300 Series. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service condition. Read more
Palo Alto Networks публикува препоръки за уязвимост CVE-2024-3400, засягаща PAN-OS версии 10.2, 11.0 и 11.1. CVE-2024-3400 (CVSS v4.0 Score 10.0) засяга firewall-и конфигурирани с GlobalProtect gateway и/или GlobalProtect portal, и имат включена телеметрия. CERT България препоръчва потребителите и администраторите да се запознаят с препоръките за сигурност на Palo Alto Networks, да приложат необходимите актуализации.
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Read more
Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Read more
Ivanti has released security updates to address vulnerabilities in all supported versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure gateways. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Read more
Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and AP software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service. Read more
Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system.