Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.

The VMware security team released VMware tools updates that address a SAML Token Signature Bypass Vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all sys admins that use VMware Tools to review and implement the updates.

Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution. This is an out of cyle security release.

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.

The Drupal security team released an advisory that addresses the WebProfiler Cross Site Scripting vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all web admins to review and implement the updates.

Microsoft has released sixty-three security patches across a range of its products. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all system admins to review and implement the updates.