Citrix fixed critical and high-severity bugs in NetScaler product Pierluigi Paganini July 10, 2024 IT giant Citrix addressed multiple vulnerabilities, including critical and… Article Source https://securityaffairs.com/165553/uncategorized/citrix-fixed-netscaler-flaw.html
Very swiftly after their disclosure, Citrix has issued patches for two vulnerabilities in its Citrix Virtual Apps and Desktop technology that allow a remote attacker escalate privileges or execute code of their choice on vulnerable systems. Citrix… Article Source https://www.darkreading.com/cloud-security/citrix-patches-zero-day-recording-manager-bugs
What you need to know Google is beginning to roll out the November 2024 update for Pixel phones running Android 15, which will continue over the next week in a phased rollout. Pixel 6 and newer phones running Android 15 are eligible; however,… Article Source https://www.androidcentral.com/apps-software/googles-pixel-november-update-squashes-the-first-round-of-android-15-bugs
_JHVEPhoto_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop&w=1200&resize=1200,630&ssl=1 "Security Upgrades Available for 3 HPE Aruba Networking Bugs")
HPE Aruba Networking fixed three critical vulnerabilities found in its systems that could allow unauthenticated attackers remote code execution on compromised devices. The vulnerabilities, tracked as CVE-2024-42505, CVE-2024-42506, and… Article Source https://www.darkreading.com/vulnerabilities-threats/security-upgrades-available-hpe-aruba-networking-bugs
Two vulnerabilities in NetScaler’s ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor. CVE-2023-6548 could allow remote code execution (RCE) in the appliances’ management… Article Source https://www.theregister.com/2024/01/18/citrix_netscaler_bugs_attacked/
Citrix has recently fixed critical and high severity vulnerabilities in its NetScaler product. These security updates address issues such as improper authorization, memory buffer limitations, and privilege management flaws that could potentially lead to serious consequences if exploited by attackers. The most serious vulnerability, tracked as CVE-2024-6235, allows attackers with access to the NetScaler console … Read more
Microsoft’s July Patch Tuesday fix package is causing chaos for sysadmins, with at least two bugs actively being exploited. The updates address a total of 139 Microsoft CVEs. One of the vulnerabilities, CVE-2024-38080, is a Windows Hyper-V elevation of privilege flaw with a CVSS rating of 7.8, deemed “important” by Microsoft. Another bug, CVE-2024-38112, affects … Read more
Leap year issues were discovered in Citrix and Sophos products. Citrix users reported the HDX HTML5 Video Redirection Service malfunctioning on VDA machines. A workaround was suggested by changing the system date to 2024. Citrix shared a temporary fix until a permanent solution is in place. Sophos users experienced unexpected security certification validation warnings for … Read more
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. The most severe flaw patched today is CVE-2024-22267, a use-after-free flaw in the vbluetooth device demoed by the STAR Labs SG and Theori teams. “A malicious actor with local administrative privileges on … Read more
VMware on March 5 issued patches for a pair of flaws they rated as “critical” and in the “important” severity range for VMware ESXi, Workstation, and Fusion. VMware explained in an advisory to its customers that ESXi, Workstation, and Fusion contain a “use-after-free” vulnerability in the XHCI USB controller filed with NIST as CVE-2024-22252. VMware … Read more