A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
Multiple vulnerabilities in J-Web can be combined to allow preAuth remote code execution. This is an out-of-cycle security release.
The VMware security team released VMware Tools updates that address a SAML Token Signature Bypass Vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all sys admins that use VMware Tools to review and implement the updates.
Cisco security has released an advisory that addresses the Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability.
The Drupal security team released an advisory that addresses the WebProfiler Cross Site Scripting vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all web admins to review and implement the updates.
WSO2 released security updates that address the ‘unrestricted file upload’ vulnerability affecting WSO2 products: API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager and Enterprise Integrator.