CVE-2020-36510
The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputting it back in the response via the cb_s_a AJAX...
Previously Unseen Backdoor Bvp47 Potentially Victimized Global Targets
FortiGuard Labs is aware of a report by Pangu Lab that a new Linux backdoor malware that reportedly belongs to the Equation group was used...
F5 Releases August 2021 Security Advisory Including Critical CVE-2021-23031
FortiGuard Labs is aware that F5 released a security advisory on August 24th about vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ. The US Cybersecurity...
ProxyToken (CVE-2021-33766): Authentication Bypass in Microsoft Exchange Server
UPDATE 9/17 - An IPS signature has been released in definitions (18.160) as "MS.Exchange.Server.SecurityToken.Authentication.Bypass". FortiGuard Labs is aware of a new disclosure dubbed PROXYTOKEN, which is...
CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the...
CVE-2020-27958
The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1.8.18 allows remote authenticated users to provide crafted input in...
CVE-2020-36516
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker...
libsolv-0.7.21-1.fc35
FEDORA-2022-f8921a3891 Packages in this update: libsolv-0.7.21-1.fc35 Update description: Update to 0.7.21 (Linked CVEs should not affect even current version… but as somebody opened bunch of...
CVE-2021-22319
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4
Posted by YEUNG, Tsz Ko on Feb 24 Hi all, I would like to disclose the DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4 Details as below: Vulnerable Software and Version: 1....