UCSF IT Technology

Samsung released a security update to address High 0-day vulnerability in Android devices. This vulnerability may allow an attacker to escalate their privileges.

Atlassian has released security updates to address High vulnerabilities affecting multiple Atlassian products. For a complete description of the vulnerabilities and affected systems go to Security Bulletin - October 15 2024.  IT Security Read more about IT Security service offerings.

Nvidia has released a security update to address a vulnerability in Nvidia NeMo Gen-AI Framework. A successful exploit of this vulnerability may lead to code execution and data tampering. 

GitHub released GitHub Enterprise 3.14.0 to address Critical and other vulnerabilities in the GitHub Enterprise Server. An attacker could exploit this vulnerability to bypass  authentication for on-premise deployments. 

F5 released security updates to address Critical and other vulnerabilities in the F5 BIG-IP. This vulnerability may allow an authenticated attacker with Manager role privileges or greater, with access to the Configuration utility or TMOS Shell (tmsh), to elevate their privileges and compromise the BIG-IP system. 

Oracle released its October Critical Patch Update to address vulnerabilities in Oracle products.  An unauthenticated cyber threat actor could exploit some of these vulnerabilities to perform remote code execution.

Cisco has released security updates to address vulnerabilities in multiple Cisco Products.  A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

Splunk released security updates to address High and other Vulnerabilities in the Splunk Enterprise Product. An attacker could exploit these vulnerabilities to execute code remotely.