UCSF IT Technology

Google has released new versions of Chrome to address vulnerabilities in Google Chrome.For a complete description of the vulnerabilities and affected systems, go to Chrome Releases.IT Security Read more about IT Security service offerings.

Mozilla released security updates to address vulnerabilities in Firefox.For a complete description of the vulnerabilities and affected systems, go to Security Vulnerabilities fixed in Firefox.IT Security Read more about IT Security service offerings.

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite. If successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions.For a complete description of the vulnerabilities and affected systems, go to OpenSSH Release Notes.IT Security Read more about IT Security service offerings.

Juniper Networks last week published an out-of-cycle security bulletin to inform customers about the availability of patches for a critical authentication bypass vulnerability affecting its Session Smart Router product. The vulnerability may allow a network-based attacker to bypass authentication and take administrative control of the device.

PostgreSQL received a security update to address a vulnerability. An attacker could exploit this vulnerability to perform arbitrary code execution.For a complete description of the vulnerabilities and affected systems, go to CVE-2025-1094 - PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation.IT SecurityRead more about IT Security service offerings.

Ivanti has released its February Security Update to address Critical and other vulnerabilities in multiple Ivanti Products. A remote attacker could exploit these vulnerabilities to write arbitrary files and execute arbitrary code.For a complete description of the vulnerabilities and affected systems, go to Ivanti February Security Update.IT SecurityRead more about IT Security service offerings.

Nvidia has released a security update to address a vulnerability in the NVIDIA Container Toolkit. The vulnerability could be exploited to break out of a container's isolation protections and gain complete access to the underlying host.For a complete description of the vulnerabilities and affected systems, go to Security Bulletin: NVIDIA Container Toolkit - 11 February 2025.IT SecurityRead more about IT Security service offerings.