The Zimbra team released a fix that addresses an XSS vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of data. This vulnerability has been actively exploited, making it imperative to take immediate action.

Microsoft released the November 2023 security updates that address multiple vulnerabilities in Microsoft software. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Sys and network admins to review and implement the appropriate patches.

Fortinet alerted its customers of an improper neutralization of special elements used in an OS Command vulnerability in FortiSIEM report server that may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API request.

The QNAP team released security updates that address two flaws (critical) affecting its operating system. The updates states that if exploited, the vulnerability could allow an attacker to execute commands via a network.

The Veeam team released security updates that address four flaws in its ONE IT monitoring and analytics platform. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Sys and network admins to review and implement the appropriate patches.

The F5 team released a security advisory that addresses a BIG-IP Configuration utility unauthenticated remote code execution vulnerability.