Security Alerts and Advisories
Home > 
Security Alerts and Advisories
< back
2019-12-19
GovCERT.HK - Security Alert (A19-12-06): Multiple Vulnerabilities in Drupal
Drupal released security updates to fix vulnerabilities resided in the Drupal Core and its modules.
2019-12-11
GovCERT.HK - Security Alert (A19-12-05): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 12.4.4, iOS 13.3 and iPadOS 13.3 to fix multiple security vulnerabilities in various Apple devices.
2019-12-11
GovCERT.HK - Security Alert (A19-12-04): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2019-12-11
GovCERT.HK - High Threat Security Alert (A19-12-03): Multiple Vulnerabilities in Microsoft Products (December 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. Reports indicate that active exploitation against the vulnerability in Microsoft Windows and Windows Server for privilege escalation have been observed.
2019-12-9
GovCERT.HK - Security Alert (A19-12-02): Vulnerability in VMware Products
VMware has published a security advisory to address a remote code execution vulnerability in OpenSLP that was used in VMware ESXi and Horizon Desktop-as-a-service (DaaS) appliance.
2019-12-4
GovCERT.HK - Security Alert (A19-12-01): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2019-36 and MFSA 2019-37) to address multiple browser vulnerabilities.
2019-11-26
GovCERT.HK - High Threat Security Alert (A19-11-04): Vulnerability in Apache Solr Search Platform
The Apache Software Foundation has released a security advisory to address an insecure setting issue in Apache Solr 8.1.1 and 8.2.0 for Linux.
2019-11-21
GovCERT.HK - Security Alert (A19-11-03): Vulnerability in ISC BIND
A vulnerability in the ISC BIND software could make it fail to effectively limit the number of concurrent TCP clients for avoiding resource overloading.
2019-11-13
GovCERT.HK - High Threat Security Alert (A19-11-02): Multiple Vulnerabilities in Microsoft Products (November 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. Reports indicate that active exploitation against the vulnerability in Microsoft Internet Explorer for remote code execution have been observed.
2019-11-1
GovCERT.HK - High Threat Security Alert (A19-11-01): Multiple Vulnerabilities in Google Chrome
Google released a security update to address use-after-free vulnerabilities in the PDFium and audio components of the Google Chrome.
2019-10-30
GovCERT.HK - Security Alert (A19-10-09): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 13.2 and iPadOS 13.2 to fix multiple security vulnerabilities in various Apple devices.l.
2019-10-28
GovCERT.HK - High Threat Security Alert (A19-10-08): Vulnerability in NGINX with PHP Installation
A vulnerability has been found in the PHP FastCGI Process Manager (PHP-FPM) for NGINX HTTP servers
2019-10-23
GovCERT.HK - Security Alert (A19-10-07): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories to address multiple browser vulnerabilities.
2019-10-18
GovCERT.HK - Security Alert (A19-10-06): Multiple Vulnerabilities in ISC BIND
Multiple vulnerabilities were found in ISC BIND software.
2019-10-17
GovCERT.HK - Security Alert (A19-10-05): Multiple Vulnerabilities in Cisco Aironet Access Points
Cisco released security advisories to address the vulnerabilities in Cisco Aironet Access Points (APs).
2019-10-16
GovCERT.HK - Security Alert (A19-10-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2019)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2019-10-16
GovCERT.HK - Security Alert (A19-10-03): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2019-10-15
GovCERT.HK - Security Alert (A19-10-02): Vulnerability in Sudo
A privilege escalation vulnerability was identified in Sudo package. 
2019-10-9
GovCERT.HK - Security Alert (A19-10-01): Multiple Vulnerabilities in Microsoft Products (October 2019)
Microsoft has released security updates addressing multiple vulnerabilities and which affect several Microsoft products or components.  
2019-9-27
GovCERT.HK - Security Alert (A19-09-07): Multiple Vulnerabilities in Apple devices
Apple has released iOS 12.4.2, iOS 13.1 and iPadOS 13.1 to fix multiple security vulnerabilities in various Apple devices.
2019-9-26
GovCERT.HK - Security Alert (A19-09-06): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address the vulnerabilities in Cisco IOS, IOS XE, IOS XR and NX-OS software.
2019-9-24
GovCERT.HK - High Threat Security Alert (A19-09-05): Multiple Vulnerabilities in Microsoft Internet Explorer and Defender
Microsoft has released out-of-band security updates addressing the vulnerabilities found in the Internet Explorer and Microsoft Defender. Reports indicate that active exploitation against the vulnerability in Microsoft Internet Explorer for remote code execution has been observed.
2019-9-11
GovCERT.HK - Security Alert (A19-09-04): Multiple Vulnerabilities in Adobe Flash Player
Security updates are released for Adobe Flash Player to address the vulnerabilities.
2019-9-11
GovCERT.HK - High Threat Security Alert (A19-09-03): Multiple Vulnerabilities in Microsoft Products (September 2019)
Microsoft has released security updates addressing multiple vulnerabilities and which affect several Microsoft products or components.
2019-9-6
GovCERT.HK - Security Alert (A19-09-02): Multiple Vulnerabilities in PHP
Multiple vulnerabilities have been found in PHP.
2019-9-4
GovCERT.HK - Security Alert (A19-09-01): Multiple Vulnerabilities in Firefox
Mozilla has published three security advisories to address multiple browser vulnerabilities.
2019-8-30
GovCERT.HK - Security Alert (A19-08-07): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address the vulnerabilities in Cisco IOS XE, NX-OS and FXOS software.
2019-8-27
GovCERT.HK - Security Alert (A19-08-06): Vulnerability in Apple iOS
Apple has released a security update in its latest iOS version 12.4.1 to fix a vulnerability identified in various iOS devices.
2019-8-27
GovCERT.HK - High Threat Security Alert (A19-08-05): Multiple Vulnerabilities in Fortinet and Pulse Secure Products
Fortinet and Pulse Secure released security advisories to address the vulnerabilities in their SSL VPN services.
2019-8-27
GovCERT.HK - Security Alert (A19-08-04): Vulnerability in Squid
Squid has published a security advisory (SQUID-2019:5) to address a buffer overflow vulnerability.
2019-8-15
GovCERT.HK - Security Alert (A19-08-03): Vulnerability in Firefox
Mozilla has published a security advisory (MFSA 2019-24) to address a browser vulnerability.
2019-8-14
GovCERT.HK - Security Alert (A19-08-02): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader/Acrobat to address multiple vulnerabilities.
2019-8-14
GovCERT.HK - High Threat Security Alert (A19-08-01): Multiple Vulnerabilities in Microsoft Products (August 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.  Potential attackers are likely to exploit the Remote Desktop Services vulnerabilities for remote code execution.
2019-7-23
GovCERT.HK - Security Alert (A19-07-05): Multiple Vulnerabilities in Apple iOS
Apple has released a security update in its latest iOS version 12.4 to fix 36 vulnerabilities identified in various iOS devices.
2019-7-18
GovCERT.HK - Security Alert (A19-07-04): Vulnerability in Drupal
Drupal released security update to fix the vulnerability in the Workspaces module which are included in the Drupal core.
2019-7-17
GovCERT.HK - Security Alert (A19-07-03): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2019)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2019-7-10
GovCERT.HK - High Threat Security Alert (A19-07-02): Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox. Reports indicate that the vulnerabilities allow an attacker to run arbitrary code.
2019-7-10
GovCERT.HK - High Threat Security Alert (A19-07-01): Multiple Vulnerabilities in Microsoft Products (July 2019)
Microsoft has released security updates addressing multiple vulnerabilities and which affect several Microsoft products or components.
2019-6-24
GovCERT.HK - Security Alert (A19-06-09): Vulnerability in Dell SupportAssist
Dell released a security update to address a vulnerability in the PC Doctor component of the Dell SupportAssist software.
2019-6-21
GovCERT.HK - Security Alert (A19-06-08): Vulnerability in Apache Tomcat
Apache Software Foundation has released new versions of Apache Tomcat 8 and 9 to address a vulnerability in HTTP/2.
2019-6-21
GovCERT.HK - Security Alert (A19-06-07): Vulnerability in ISC BIND
A vulnerability was found in the ISC BIND software.
2019-6-21
GovCERT.HK - High Threat Security Alert (A19-06-06): Vulnerability in Firefox
Mozilla has published a security advisory to address the vulnerability found in Firefox.
2019-6-19
GovCERT.HK - High Threat Security Alert (A19-06-05): Vulnerability in Oracle WebLogic Server
Oracle has released an urgent patch to address a remote code execution vulnerability in Oracle WebLogic Server.
2019-6-19
GovCERT.HK - High Threat Security Alert (A19-06-04): Vulnerability in Firefox
Mozilla has published a security advisory to address the vulnerability found in Firefox. 
2019-6-12
GovCERT.HK - Security Alert (A19-06-03): Vulnerability in Firefox
Mozilla has published a security advisory to address the vulnerability found in Firefox
2019-6-12
GovCERT.HK - Security Alert (A19-06-02): Vulnerability in Adobe Flash Player
Security updates are released for Adobe Flash Player to address the vulnerability.
2019-6-12
GovCERT.HK - Security Alert (A19-06-01): Multiple Vulnerabilities in Microsoft Products (June 2019)
Security Alert (A19-06-01): Multiple Vulnerabilities in Microsoft Products (June 2019)
2019-5-27
GovCERT.HK - Security Alert (A19-05-11): Multiple Vulnerabilities in Intel Products
Intel has issued a security advisory to address multiple vulnerabilities in some Intel products.
2019-5-22
GovCERT.HK - Security Alert (A19-05-10): Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox.
2019-5-16
GovCERT.HK - Security Alert (A19-05-09): Multiple Vulnerabilities in Intel Products
Intel has recently disclosed a new group of vulnerabilities collectively known as Microarchitectural Data Sampling (MDS) affecting some Intel processors.
2019-5-15
GovCERT.HK - Security Alert (A19-05-08): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat
Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.
2019-5-15
GovCERT.HK - High Threat Security Alert (A19-05-07): Multiple Vulnerabilities in Microsoft Products (May 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. 
2019-5-14
GovCERT.HK - Security Alert (A19-05-06): Vulnerability in WhatsApp leading to spyware attacks on mobile devices
A security vulnerability has been identified in WhatsApp which would allow a remote attacker to install malicious code such as spyware, on a targeted mobile device by making a WhatsApp call.
2019-5-14
GovCERT.HK - Security Alert (A19-05-05): Multiple Vulnerabilities in Apple iOS 
Apple has released a security update in its latest iOS version 12.3 to fix 40 vulnerabilities identified in various iOS devices.
2019-5-14
GovCERT.HK - Security Alert (A19-05-04): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address the vulnerabilities in Cisco IOS XE software and the implementation of the hardware-based Secure Boot.
2019-5-2
GovCERT.HK - High Threat Security Alert (A19-05-02): Multiple Vulnerabilities in Dell SupportAssist Client
Dell released a security update to address multiple vulnerabilities in Dell SupportAssist Client installed on some Dell devices. The researcher who discovered the remote code execution vulnerability has recently released the proof-of-concept but fully workable exploit code on the Internet.
2019-5-2
GovCERT.HK - Security Alert (A19-05-01): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address the vulnerabilities in Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software.
2019-4-25
GovCERT.HK - Security Alert (A19-04-08): Multiple Vulnerabilities in ISC BIND
Multiple vulnerabilities were found in nxdomain-redirect feature and simultaneous TCP connections limit of the ISC BIND software.
2019-4-23
GovCERT.HK - Security Alert (A19-04-07): Vulnerability in Oracle WebLogic Server
Security researchers discovered a remote code execution vulnerability in wls9_async and wls-wsat components, which are included in the Oracle WebLogic Server.
2019-4-18
GovCERT.HK - Security Alert (A19-04-06): Multiple Vulnerabilities in Drupal
Drupal released security updates to fix the vulnerabilities in jQuery and Symfony libraries which are included in the Drupal core.
2019-4-17
GovCERT.HK - Security Alert (A19-04-05): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2019)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2019-4-15
GovCERT.HK - Security Alert (A19-04-04): Vulnerability in Apache Tomcat
Apache Software Foundation has released new versions of Apache Tomcat 7, 8 and 9 to address a vulnerability in CGI servlet.
2019-4-10
GovCERT.HK - Security Alert (A19-04-03): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat
Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.
2019-4-10
GovCERT.HK - High Threat Security Alert (A19-04-02): Multiple Vulnerabilities in Microsoft Products (April 2019)
Microsoft has released security updates addressing multiple vulnerabilities and which affect several Microsoft products or components. Reports indicate active exploitation against the vulnerabilities in Microsoft Windows have been observed.
2019-4-3
GovCERT.HK - High Threat Security Alert (A19-04-01): Multiple Vulnerabilities in Apache HTTP Server
The Apache Software Foundation released a security update to address multiple vulnerabilities in the modules of HTTP Server
2019-3-29
GovCERT.HK - Security Alert (A19-03-08): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in virtual USB 1.1 UHCI (Universal Host Controller Interface), virtual network adapters and VMware Tools.
2019-3-28
GovCERT.HK - Security Alert (A19-03-07): Multiple Vulnerabilities in Cisco Products (March 2019)
Cisco released security advisories to address multiple vulnerabilities in Cisco IOS and IOS XE software.
2019-3-26
GovCERT.HK - Security Alert (A19-03-06): Multiple Vulnerabilities in Apple iOS
Apple has released a security update in its latest iOS version 12.2 to fix 50 vulnerabilities identified in various iOS devices.
2019-3-25
GovCERT.HK - Security Alert (A19-03-05): Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox.
2019-3-20
GovCERT.HK - Security Alert (A19-03-04): Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox.
2019-3-13
GovCERT.HK - High Threat Security Alert (A19-03-03): Multiple Vulnerabilities in Microsoft Products (March 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2019-3-7
GovCERT.HK - High Threat Security Alert (A19-03-02): Vulnerability in Google Chrome
Google released a security update to address a use-after-free vulnerability in the FileReader application programming interface (API) of the Google Chrome.
2019-3-4
GovCERT.HK - High Threat Security Alert (A19-03-01): Vulnerability in Adobe ColdFusion
Adobe released a security update to address a “File Upload Restriction Bypass” vulnerability in ColdFusion. 
2019-2-25
GovCERT.HK - Security Alert (A19-02-08): Multiple Vulnerabilities in ISC BIND
Multiple vulnerabilities were found in "EDNS", "managed-keys" and "Dynamically Loadable Zones" features of the Internet Systems Consortium (ISC) BIND software.
2019-2-22
GovCERT.HK - Security Alert (A19-02-07) : Vulnerability in Adobe Reader/Acrobat
A security update is released for Adobe Reader and Acrobat to address a vulnerability. 
2019-2-21
GovCERT.HK - High Threat Security Alert (A19-02-06) : Vulnerability in Drupal
Drupal released security updates to fix the vulnerability resided in the Drupal Core and its modules. Report indicates that active exploitation against the vulnerability has been observed. 
2019-2-14
GovCERT.HK - Security Alert (A19-02-05) : Vulnerability in Linux Operating Systems
A vulnerability was found in the software deployment and package management system called snapd which is used by several Linux distributions.
2019-2-13
GovCERT.HK - Security Alert (A19-02-04) : Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox.
2019-2-13
GovCERT.HK - Security Alert (A19-02-03) : Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat
Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.
2019-2-13
GovCERT.HK - High Threat Security Alert (A19-02-02) : Multiple Vulnerabilities in Microsoft Products (February 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2019-2-8
GovCERT.HK - High Threat Security Alert (A19-02-01): Multiple Vulnerabilities in Apple iOS
Apple has released a security update in its latest iOS version 12.1.4 to fix 4 vulnerabilities identified in various iOS devices.  Report indicates that active exploitation against the vulnerabilities in Apple iOS have been observed.
2019-1-30
GovCERT.HK - Security Alert (A19-01-07): Multiple Vulnerabilities in Firefox
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox.
2019-1-23
GovCERT.HK - Security Alert (A19-01-06): Multiple Vulnerabilities in Apple iOS
Apple has released a security update in its latest iOS version 12.1.3 to fix 31 vulnerabilities identified in various iOS devices.
2019-1-17
GovCERT.HK - Security Alert (A19-01-05): Multiple Vulnerabilities in Drupal
Drupal released security updates to fix the vulnerabilities resided in the Drupal Core and the PEAR Archive_tar library.
2019-1-16
GovCERT.HK - Security Alert (A19-01-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2019)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2019-1-10
GovCERT.HK - Security Alert (A19-01-03): Multiple Vulnerabilities in Cisco Email Security Appliances
Cisco released security advisories to address multiple vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliances (ESA)
2019-1-9
GovCERT.HK - Security Alert (A19-01-02): Multiple Vulnerabilities in Microsoft Products (January 2019)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2019-1-4
GovCERT.HK - Security Alert (A19-01-01): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.