Multiple Vulnerabilities in Pulse Secure VPN

Original release date: October 16, 2019

The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT) actors.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information and to apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Update for Harbor Container Registry for PCF

Original release date: October 16, 2019

VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0016 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Oracle Releases October 2019 Security Bulletin

Original release date: October 15, 2019

Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle October 2019 Critical Patch Update and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates for Multiple Products

Original release date: October 15, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.