Google has released a new update for Chromecast with Google TV, focusing on security and stability. The update, codenamed STTE.240315.002, includes important security patches that increase the Android security patch level until April 2024. This 134 MB update is the fourth in just five months, surpassing the previous year’s update schedule. While the official changelog … Read more
Citrix has recently identified a critical vulnerability (CVE-2024-31497) in certain versions of its Citrix Hypervisor virtualization platform. This vulnerability is associated with the use of a vulnerable version of the PuTTY SSH client in XenCenter, the management console for Citrix Hypervisor. The affected versions of XenCenter, specifically those prior to 8.2.6 in the Citrix Hypervisor … Read more
A new exploit targeting VMware ESXi Shell Service has been discovered and is circulating on various hacking forums. This vulnerability poses a significant risk to organizations using VMware for their virtual environments, potentially allowing unauthorized access and control over virtual machines. The exploit, which explicitly targets the VMware ESXi Shell Service, was reported in a … Read more
Jan 17, 2024NewsroomVulnerability / Cyber Threat Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below – CVE-2023-6548 (CVSS score: 5.5) – Authenticated (low privileged) remote code execution on Management Interface (requires … Read more
VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection flaw that can allow unauthenticated remote code execution (RCE) attacks. It scored a perfect CVSS … Read more
Aria Automation is affected by a critical vulnerability that could be exploited to gain access to remote organizations and workflows. Source link
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. Cloud Director enables VMware admins to manage their organizations’ cloud services as part of Virtual Data Centers (VDC). The auth bypass security flaw only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release. The company also added … Read more
VMware has released a patch for a critical vulnerability in the vCenter Server with a high CVSS score. This vulnerability allows a remote unauthorized user to execute arbitrary code on a target system. RCE In VMWare vCenter Server Receives a Fix On October 25, 2023, VMware released a patch for a critical vulnerability CVE-2023-34048, which … Read more
Oct 25, 2023NewsroomVulnerability / Cyber Threat VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. “A malicious … Read more
VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems. VMware Aria is the vendor’s multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth. A single Aria Hub console provides centralized views and controls and … Read more