A Vulnerability in FortiOS / FortiProxy / FortiSwitch Manager Could Allow for Authentication Bypass
A vulnerability has been discovered in FortiOS, FortiProxy and FortiSwitchManager, which could allow for authentication bypass on administrative interface. FortiOS is the Fortinet’s proprietary Operation...
Critical Patches Issued for Microsoft Products, October 11, 2022
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged...
DSA-5252 libreoffice – security update
It was discovered that insufficient validation of vnd.libreoffice.command URI schemes could result in the execution of arbitrary macro commands. Read More
CVE-2021-36201
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000 version 2.90 and prior versions. This issue affects: C•CURE 9000 2.90...
CVE-2020-14129
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who...
CVE-2020-14131
The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts...
CVE-2021-0696
In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege...
CVE-2021-0951
In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege with...
USN-5670-1: .NET 6 vulnerability
Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary code....
CVE-2021-36899
Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Gabe Livan's Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 at WordPress. Read More