UCSF IT Technology

Chrome released a new update (104.0.5112.101 for Mac and Linux, 104.0.5112.102 for Windows) that fixes 11 security vulnerabilities, including one zero-day high vulnerability that is being exploited in the wild. The zero-day vulnerability is described as a case of insufficient validation of untrusted input in

Fortinet has released security updates to address a very critical vulnerability in Fortinet FortiPortal. An attacker could remotely execute arbitrary code with root privileges.

Zoom has released security updates to address vulnerabilities in Zoom. These vulnerabilities allow an attacker to perform zero-click remote code execution (RCE).

Exim released security updates to address a vulnerability in Exim. An attacker could exploit this vulnerability to perform an out-of-bounds write.

Grails released security updates to address a vulnerability in Grails. An attacker could exploit this vulnerability to perform remote code execution.

The Apache Software Foundation has released a security update to address a vulnerability in Apache Hadoop. An attacker could exploit this vulnerability to perform arbitrary commands.

Mandiant reported a vulnerability in Laravel 5.1.0. An attacker could exploit this vulnerability to perform remote code execution. For a complete description of the vulnerabilities and affected systems: 

SAP has released its August Patch Day security updates to address vulnerabilities in multiple SAP Products. An attacker could exploit some of these vulnerabilities to retrieve sensitive information in plaintext over the network.

Cisco released security updates to address High vulnerabilities in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. These vulnerabilities could allow an unauthenticated, remote attacker to retrieve an RSA private key.