Incomplete Fix for Apache Struts 2 Vulnerability (CVE-2021-31805) Amended
FortiGuard Labs is aware that the Apache Software Foundation disclosed and released a fix for a potential remote code execution vulnerability (CVE-2021-31805 OGNL Injection vulnerability...
A vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open source framework used for building...
A vulnerability has been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...
Newly Patched VMware Vulnerability (CVE-2022-22954) Being Exploited in the Wild
FortiGuard Labs is aware that VMware has confirmed a recently patched critical vulnerability in VMware Workspace ONE Access and Identity Manager (CVE-2022-22954) has been exploited...
AST-2022-003: func_odbc: Possible SQL Injection
Posted by Asterisk Security Team on Apr 14 Asterisk Project Security Advisory - AST-2022-003 Product Asterisk Summary func_odbc: Possible SQL Injection Nature of Advisory SQL...
AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header
Posted by Asterisk Security Team on Apr 14 Asterisk Project Security Advisory - AST-2022-002 Product Asterisk Summary res_stir_shaken: SSRF vulnerability with Identity header Nature of...
AST-2022-001: res_stir_shaken: resource exhaustion with large files
Posted by Asterisk Security Team on Apr 14 Asterisk Project Security Advisory - AST-2022-001 Product Asterisk Summary res_stir_shaken: resource exhaustion with large files Nature of...
CVE-2020-25156
Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers...
CVE-2020-25158
A reflected cross-site scripting (XSS) vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and...
CVE-2020-25160
Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers...