DSA-5065 ipython – security update
It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if...
DSA-5064 python-nbxmpp – security update
It was discovered that missing input sanitising in python-nbxmpp, a Jabber/XMPP Python library, could result in denial of service in clients based on it (such...
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution.
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. iOS is a mobile operating system...
Critical VMware vCenter Server vulnerability (CVE-2021-22005) being exploited in the wild
FortiGuard Labs is aware that VMware disclosed a critical vulnerability (CVE-2021-22005) on September 21st, 2021 that affects vCenter Server versions 6.7 and 7.0. A malicious...
Multiple Agency Announcement on APT Actors Exploiting Zoho ManageEngine ADSelfService Plus (AA21-259A)
On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released...
A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation
A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating...
DSA-5063 uriparser – security update
Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the...
A Vulnerability in F5Networks BIG-IP Could Allow for Denial of Service
A vulnerability has been discovered in F5Networks BIG-IP, which could result in a denial-of-service (DoS). BIG-IP is a family of products covering software and hardware...