Skip to main content

Multiple critical and high-severity vulnerabilities have been found in Joomla, a popular content management system (CMS). These vulnerabilities could allow attackers to inject malicious code into Joomla websites, steal data, or take control of websites.

Multiple critical and high-severity vulnerabilities have been found in Microsoft Exchange Servers. This vulnerability can be exploited by an attacker to bypass the SmartScreen user experience and attackers to take control of affected servers, steal data, or disrupt operations.

The Zimbra team released a fix that addresses an XSS vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of data. This vulnerability has been actively exploited, making it imperative to take immediate action.

Fortinet alerted its customers of an improper neutralization of special elements used in an OS Command vulnerability in FortiSIEM report server that may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API request.

Microsoft released the November 2023 security updates that address multiple vulnerabilities in Microsoft software. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Sys and network admins to review and implement the appropriate patches.

The QNAP team released security updates that address two flaws (critical) affecting its operating system. The updates states that if exploited, the vulnerability could allow an attacker to execute commands via a network.