Category: Advisories

FEDORA-2022-4111b25ccc Packages in this update: xen-4.14.4-3.fc34 Update description: Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] race in VT-d domain...

FEDORA-2022-dfbf7e2372 Packages in this update: xen-4.15.2-3.fc35 Update description: Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356] race in VT-d domain...

An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute...

Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x...

Tenable.sc leverages third-party software to help provide underlying functionality. Two of the third-party components (Apache and OpenSSL) were found to contain vulnerabilities, and updated versions...

Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for remote code execution....

Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated...

An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2 may allow an authenticated attacker to silently halt the sniffer via specifically...

FEDORA-2022-1151f65e9a Packages in this update: postgresql-jdbc-42.2.25-1.fc35 Update description: Rebase on upstream version 42.2.25. This rebase fixes CVE-2022-21724. Read More

FortiGuard Labs is aware of a new campaign from the APT10/Cicada threat actors. Reported by researchers at Symantec, this latest campaign highlights the various tools...