USN-5734-1: FreeRDP vulnerabilities
It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in...
CVE-2022-0222
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific...
Alert (AA22-321A): #StopRansomware: Hive Ransomware
FortiGuard Labs is aware of that the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and...
Joint CyberSecurity Advisory on a U.S. Federal Agency Breached by Iranian Threat Actors
FortiGuard Labs is aware of a joint advisory (AA22-320A) issued by Cybersecurity and Infrastructure security Agency (CISA) and the Federal Bureau of Investigation (FBI) on...
APT Billbug Victimized Asian Certification Authority and Government Agencies
FortiGuard Labs is aware of a report that APT group "Billbug" compromised a certificate authority (CA) as well as multiple government and defense organizations in...
ZDI-22-1655: (Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target...
ZDI-22-1654: Microsoft Exchange DagNetMultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1653: Microsoft Exchange FileHandler Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1652: Microsoft Exchange MatlabWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1651: Microsoft Exchange FormattedTextWriterTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More