Drupal released security updates that address Drupal 9.2 and 9.3. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Web & Sys admins to review and implement the updates.
WSO2 released security updates that addresses the ‘unrestricted file upload’ vulnerability affecting WSO2 products: API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager and Enterprise Integrator.
Oracle released a critical patch (cumulative) update that addresses multiple vulnerabilities. Malicious actors are actively exploiting these vulnerabilities.
The GitLab team released security updates that address a critical security vulnerability that could be exploited by a malicious actor to seize control of accounts.
Malicious actors are actively exploiting a critical vulnerability in Apache Log4j Version 2.15.0 . This exploit may lead to remote code execution on targeted servers running the vulnerable Log4j version.
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker can exploit this vulnerability to obtain access to sensitive information.