Skip to main content

The GitLab team released security updates that address a critical security vulnerability that could be exploited by a malicious actor to seize control of accounts.

Malicious actors are actively exploiting a critical vulnerability in Apache Log4j Version 2.15.0 . This exploit may lead to remote code execution on targeted servers running the vulnerable Log4j version.

VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker can exploit this vulnerability to obtain access to sensitive information.

The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all users to review the security advisory.

Cisco published an update that the public exploit code exists for CVE-2020-350 and further notes that the vulnerability is being actively exploited. This affects Cisco products running vulnerable releases of Cisco ASA Software or FTD Software with a vulnerable AnyConnect or WebVPN configuration.

Google published an urgent security update that addresses 14 vulnerabilities for the Chrome browser. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all users and Systems Admins to immediately update to the latest version 91.0.4472.101.