Security Alerts and Advisories
Home > 
Security Alerts and Advisories
< back
2020-11-30
GovCERT.HK - High Threat Security Alert (A20-11-08): Multiple Vulnerabilities in Drupal
Drupal has released a security advisory to address two vulnerabilities in PEAR Archive_Tar library which is used in Drupal Core by default.
2020-11-19
GovCERT.HK - Security Alert (A20-11-07): Vulnerability in Drupal
Drupal has released a security advisory to address a vulnerability of improper sanitisation of filenames on uploaded files in Drupal Core.
2020-11-18
GovCERT.HK - Security Alert (A20-11-06): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-50 and MFSA 2020-51) to address multiple vulnerabilities in Firefox browser.
2020-11-12
GovCERT.HK - Security Alert (A20-11-05): Multiple Vulnerabilities in Palo Alto PAN-OS
Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.
2020-11-11
GovCERT.HK - High Threat Security Alert (A20-11-04): Multiple Vulnerabilities in Microsoft Products (November 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-11-10
GovCERT.HK - Security Alert (A20-11-03): Vulnerability in Firefox
Mozilla has published a security advisory (MFSA 2020-49) to address a vulnerability in Firefox browser.
2020-11-6
GovCERT.HK - High Threat Security Alert (A20-11-02): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released both iOS 14.2 and iPadOS 14.2 as well as iOS 12.4.9 to fix multiple vulnerabilities in various Apple devices.
2020-11-4
GovCERT.HK - Security Alert (A20-11-01): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities
2020-10-22
GovCERT.HK - Security Alert (A20-10-07): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco product running Cisco FXOS Software, Cisco Adaptive Security Appliance (ASA) Software, Firepower Threat Defense (FTD) Software or Cisco Firepower Management Center (FMC) Software.
2020-10-21
GovCERT.HK - High Threat Security Alert (A20-10-06): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2020)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2020-10-21
GovCERT.HK - Security Alert (A20-10-05): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2020-10-21
GovCERT.HK - Security Alert (A20-10-04): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-45 and MFSA 2020-46) to address multiple vulnerabilities in Firefox browser.
2020-10-15
GovCERT.HK - Security Alert (A20-10-03): Vulnerability in SonicWall Products
SonicWall released a security advisory to address a buffer overflow vulnerability in SonicOS which is the operating system for SonicWall firewalls.
2020-10-14
GovCERT.HK - Security Alert (A20-10-02): Vulnerability in Adobe Flash Player
Adobe has released security updates to address a vulnerability in Adobe Flash Player.
2020-10-14
GovCERT.HK - High Threat Security Alert (A20-10-01): Multiple Vulnerabilities in Microsoft Products (October 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-9-28
GovCERT.HK - Security Alert (A20-09-08): Multiple Vulnerabilities in FortiGate and FortiOS
FortiNet released security advisories to address multiple vulnerabilities in FortiGate and FortiOS software.
2020-9-25
GovCERT.HK - Security Alert (A20-09-07): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS and IOS XE.
2020-9-23
GovCERT.HK - Security Alert (A20-09-06): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-42 and MFSA 2020-43) to address multiple vulnerabilities in Firefox browser.
2020-9-18
GovCERT.HK - Security Alert (A20-09-05): Multiple Vulnerabilities in Citrix Products
Multiple vulnerabilities have been found in Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP.
2020-9-17
GovCERT.HK - Security Alert (A20-09-04): Multiple Vulnerabilities in Drupal
Drupal has released security advisories to address multiple vulnerabilities in Drupal Core.
2020-9-17
GovCERT.HK - Security Alert (A20-09-03): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 14 and iPadOS 14 to fix multiple vulnerabilities in various Apple devices.
2020-9-10
GovCERT.HK - Security Alert (A20-09-02): Multiple Vulnerabilities in Palo Alto PAN-OS
Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.
2020-9-9
GovCERT.HK - Security Alert (A20-09-01): Multiple Vulnerabilities in Microsoft Products (September 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-8-31
GovCERT.HK - High Threat Security Alert (A20-08-09): Vulnerability in Cisco Products
Cisco released a security advisory to address a vulnerability in Cisco IOS XR software.
2020-8-27
GovCERT.HK - Security Alert (A20-08-08): Multiple Vulnerabilities in Pulse Secure Products
Pulse Secure released security advisories to address multiple vulnerabilities in the Pulse Connect Secure and Pulse Policy Secure server software.
2020-8-27
GovCERT.HK - Security Alert (A20-08-07): Multiple Vulnerabilities in Cisco Products
Cisco released 7 security advisories to address vulnerabilities in Cisco products running FXOS and NX-OS as well as those in Cisco Nexus 3000 and 9000 series switches.
2020-8-26
GovCERT.HK - Security Alert (A20-08-06): Multiple Vulnerabilities in Firefox
Mozilla has published three security advisories (MFSA 2020-36, MFSA 2020-37 and MFSA 2020-38) to address multiple vulnerabilities in Firefox browser.
2020-8-21
GovCERT.HK - Security Alert (A20-08-05): Multiple Vulnerabilities in ISC BIND
ISC has released security updates to fix multiple security vulnerabilities in BIND.
2020-8-17
GovCERT.HK - Security Alert (A20-08-04): Multiple Vulnerabilities in Apache HTTP Server
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules, including mod_proxy_uwsgi and mod_http2.
2020-8-14
GovCERT.HK - Security Alert (A20-08-03): Multiple Vulnerabilities in Apache Struts
Apache has released the security bulletins (S2-059, S2-060) to address the vulnerabilities in Apache Struts
2020-8-12
GovCERT.HK - Security Alert (A20-08-02): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2020-8-12
GovCERT.HK - High Threat Security Alert (A20-08-01): Multiple Vulnerabilities in Microsoft Products (August 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-7-29
GovCERT.HK - Security Alert (A20-07-09): Multiple Vulnerabilities in Firefox
Mozilla has published three security advisories (MFSA 2020-30, MFSA 2020-31 and MFSA 2020-32) to address multiple vulnerabilities in Firefox browser.
2020-7-24
GovCERT.HK - High Threat Security Alert (A20-07-08): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address vulnerabilities in the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software as well as in the Treck IP stack implementation.
2020-7-16
GovCERT.HK - Security Alert (A20-07-07): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 13.6 and iPadOS 13.6 to fix multiple vulnerabilities in various Apple devices.
2020-7-15
GovCERT.HK - Security Alert (A20-07-06): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2020)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2020-7-15
GovCERT.HK - High Threat Security Alert (A20-07-05): Multiple Vulnerabilities in Microsoft Products (July 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-7-8
GovCERT.HK - Security Alert (A20-07-04): Multiple Vulnerabilities in Citrix Products
Multiple vulnerabilities have been found in Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP.
2020-7-3
GovCERT.HK - High Threat Security Alert (A20-07-03): Multiple Vulnerabilities in F5 BIG-IP
F5 has published security advisories to address multiple vulnerabilities in the Traffic Management User Interface (TMUI) of F5 BIG-IP system.
2020-7-2
GovCERT.HK - Security Alert (A20-07-02): Vulnerability in Palo Alto PAN-OS
Palo Alto has published a security advisory to address a Security Assertion Markup Language (SAML) authentication vulnerability in PAN-OS.
2020-7-2
GovCERT.HK - Security Alert (A20-07-01): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-24 and MFSA 2020-25) to address multiple vulnerabilities in Firefox browser.
2020-6-29
GovCERT.HK - Security Alert (A20-06-11): Vulnerability in Apache Tomcat
Apache Software Foundation has released new versions of Apache Tomcat 8.5 and 9 to address a vulnerability in the Apache Tomcat.
2020-6-24
GovCERT.HK - Security Alert (A20-06-10): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2020-6-18
GovCERT.HK - Security Alert (A20-06-09): Multiple Vulnerabilities in Drupal
Drupal has released security advisories to address multiple vulnerabilities in Drupal Core.
2020-6-10
GovCERT.HK - Security Alert (A20-06-08): Vulnerability in Adobe Flash Player
Adobe has released security updates to address a vulnerability in Adobe Flash Player.
2020-6-10
GovCERT.HK - High Threat Security Alert (A20-06-07): Multiple Vulnerabilities in Microsoft Products (June 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-6-4
GovCERT.HK - Security Alert (A20-06-06): Multiple Vulnerabilities in Cisco Products
Cisco released 38 security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS, IOS XE, IOS XR, NX-OS software and Cisco IOx application environment.
2020-6-3
GovCERT.HK - Security Alert (A20-06-05): Vulnerabilities in Android
Google has released Android Security Bulletin June 2020 to fix multiple security vulnerabilities in Android operating system.
2020-6-3
GovCERT.HK - High Threat Security Alert (A20-06-04): Vulnerability in Cisco Products
Cisco released security advisory to address a vulnerability in Cisco NX-OS Software.
2020-6-3
GovCERT.HK - Security Alert (A20-06-03): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-20 and MFSA 2020-21) to address multiple vulnerabilities in Firefox browser.
2020-6-2
GovCERT.HK - Security Alert (A20-06-02): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address a Time-of-check Time-of-use (TOCTOU) issue in the service opener, an issue in the shader functionality and a memory leak vulnerability in the VMCI module.
2020-6-2
GovCERT.HK - Security Alert (A20-06-01): Vulnerability in Apple iOS and iPadOS
Apple has released iOS 13.5.1 and iPadOS 13.5.1 to fix a security vulnerability in various Apple devices.
2020-5-27
GovCERT.HK - Security Alert (A20-05-06): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 12.4.7, iOS 13.5 and iPadOS 13.5 to fix multiple security vulnerabilities in various Apple devices.
2020-5-22
GovCERT.HK - Security Alert (A20-05-05): Multiple Vulnerabilities in Drupal
Drupal has released security advisories to address cross site scripting and open redirect vulnerabilities in the jQuery library and the "drupal_goto" function of Drupal Core.
2020-5-20
GovCERT.HK - Security Alert (A20-05-04): Vulnerability in ISC BIND
A vulnerability was found in Internet Systems Consortium (ISC) BIND software.
2020-5-13
GovCERT.HK - Security Alert (A20-05-03): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2020-5-13
GovCERT.HK - Security Alert (A20-05-02): Multiple Vulnerabilities in Microsoft Products (May 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-5-6
GovCERT.HK - Security Alert (A20-05-01): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-16 and MFSA 2020-17) to address multiple vulnerabilities in Firefox browser.
2020-4-28
GovCERT.HK - High Threat Security Alert (A20-04-06): Vulnerability in Sophos XG Firewall
Sophos has released a security hotfix to address a SQL injection vulnerability in Sophos XG Firewall firmware.
2020-4-28
GovCERT.HK - Security Alert (A20-04-05): Vulnerability in Squid
Squid has published a security advisory (SQUID-2020:4) to address an integer overflow vulnerability.
2020-4-15
GovCERT.HK - Security Alert (A20-04-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2020)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products. 
2020-4-15
GovCERT.HK - High Threat Security Alert (A20-04-03): Multiple Vulnerabilities in Microsoft Products (April 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. These security updates addressed multiple remote code execution vulnerabilities that are under active exploitation.
2020-4-8
GovCERT.HK - Security Alert (A20-04-02): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-12, MFSA 2020-13) to address multiple vulnerabilities in Firefox browser.
2020-4-6
GovCERT.HK - High Threat Security Alert (A20-04-01): Multiple Vulnerabilities in Firefox
Mozilla has published the security advisory (MFSA 2020-11) to address the use-after-free vulnerabilities in Firefox browser.
2020-3-27
GovCERT.HK - High Threat Security Alert (A20-03-09): Multiple Vulnerabilities in Red Hat JBoss
Red Hat has released new versions of JBoss Enterprise Application Platform to address multiple vulnerabilities in the Apache JServ Protocol (AJP), Apache Thrift and OpenSSL security provider.
2020-3-25
GovCERT.HK - Security Alert (A20-03-08): Multiple Vulnerabilities in Apple iOS and iPadOS 
Apple has released iOS 13.4 and iPadOS 13.4 to fix multiple security vulnerabilities in various Apple devices. 
2020-3-24
GovCERT.HK - Security Alert (A20-03-07): Multiple Vulnerabilities in Microsoft Windows
Multiple vulnerabilities have been found in the Microsoft Windows Adobe Type Manager library. 
2020-3-19
GovCERT.HK - Security Alert (A20-03-06): Vulnerability in Drupal
Drupal has released a security update to fix the vulnerability in the third-party CKEditor library. 
2020-3-18
GovCERT.HK - Security Alert (A20-03-05): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2020-3-17
GovCERT.HK - Security Alert (A20-03-04): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address use-after-free vulnerability in vmnetdhcp, improper file permissions in Cortado Thinprint, and improper protection for the configuration files of the VMware USB arbitration service.
2020-3-11
GovCERT.HK - Security Alert (A20-03-03): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories to address multiple browser vulnerabilities.
2020-3-11
GovCERT.HK - High Threat Security Alert (A20-03-02): Multiple Vulnerabilities in Microsoft Products (March 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. Reports indicate that active exploitation against the vulnerability in Microsoft Exchange Server for remote code execution have been observed. Microsoft also identified a new vulnerability in its Server Message Block 3.1.1 (SMBv3) protocol.
2020-3-6
GovCERT.HK - Security Alert (A20-03-01): Vulnerability in Point-to-Point Protocol Daemon (pppd)
A vulnerability was found in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response of the pppd (Point-to-Point Protocol Daemon).
2020-2-27
GovCERT.HK - Security Alert (A20-02-08): Vulnerability in Broadcom and Cypress Wireless Chipset
ESET has published a security report revealing technical details about a vulnerability in FullMAC wireless chipset manufactured by Broadcom and Cypress.
2020-2-27
GovCERT.HK - High Threat Security Alert (A20-02-07): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in ICU, streams and V8 of the Google Chrome.
2020-2-24
GovCERT.HK - High Threat Security Alert (A20-02-06): Vulnerability in Apache Tomcat
Apache Software Foundation has released new versions of Apache Tomcat 7, 8.5 and 9 to address a vulnerability in the Apache JServ Protocol (AJP).
2020-2-12
GovCERT.HK - Security Alert (A20-02-05): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-05 and MFSA 2020-06) to address multiple browser vulnerabilities. 
2020-2-12
GovCERT.HK - Security Alert (A20-02-04): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat
Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities. 
2020-2-12
GovCERT.HK - High Threat Security Alert (A20-02-03): Multiple Vulnerabilities in Microsoft Products (February 2020) 
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. 
2020-2-11
GovCERT.HK - Security Alert (A20-02-02): Vulnerability in Android
A vulnerability called BlueFrag was found in some Android systems.
2020-2-11
GovCERT.HK - Security Alert (A20-02-01): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address the vulnerabilities in the Cisco Discovery Protocol implementation of several Cisco products.
2020-1-29
GovCERT.HK - Security Alert (A20-01-06): Multiple Vulnerabilities in Apple iOS and iPadOS
Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.
2020-1-20
GovCERT.HK - High Threat Security Alert (A20-01-05): Vulnerability in Microsoft Internet Explorer
Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.
2020-1-15
GovCERT.HK - Security Alert (A20-01-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2020)
Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2020-1-15
GovCERT.HK - High Threat Security Alert (A20-01-03): Multiple Vulnerabilities in Microsoft Products (January 2020)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2020-1-13
GovCERT.HK - High Threat Security Alert (A20-01-02): Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
A vulnerability has been found in Citrix ADC and Citrix Gateway. An unauthenticated remote attacker may send a specially crafted command to an affected system to exploit the vulnerability.
2020-1-8
GovCERT.HK - High Threat Security Alert (A20-01-01): Multiple Vulnerabilities in Firefox
Mozilla has published two security advisories (MFSA 2020-01 and MFSA 2020-02) to address multiple browser vulnerabilities. Reports indicate that active exploitation against the vulnerability has been observed.