Drupal Security Advisory

The Drupal security team released an advisory that addresses the WebProfiler Cross Site Scripting vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all web admins to review and implement the updates. The details of the updates can be found here.

RELATED ADVISORIES

Advisories 24 July 2025

Spoofing and Remote Code Execution chain vulnerability

Scope: Microsoft share point servers

Severity: Critical

This advisory is to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as a network spoofing vulnerability, and a remote code execution (RCE) vulnerability chain. The chain, publicly reported as “ToolShell,” provides unauthenticated access to systems and authenticated access through network spoofing, respectively, and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.

Connection Hijacking Vulnerability- Huawei

Advisories 25 November 2024

Cross-site Scripting (XSS) Vulnerability- SPLUNK (Cisco)

Advisories 25 November 2024

Remote Access VPN Brute Force Denial of Service Vulnerability (Cisco)

Advisories 18 November 2024

Mass IT Outage – CrowdStrike Update

Advisories 20 July 2024

Vulnerabilities in Cisco ASA and FTD Software

Advisories 9 May 2024

Unauthenticated Command Injection vulnerability in SD-WAN Edge (VMware)

Advisories 9 May 2024