Monthly Patches are out for Fortinet. New Alerts for Microsoft Edge, Dell, Ivanti, Wind River, and Linux.
Fortinet
Fortinet has published 7 bulletins in their Monthly Patches for their products. Highest CVSSv3 score of 9.8
More info.
A use of externally-controlled format string vulnerability in FortiOS fgfmd daemon may allow a remote attacker to execute arbitrary code or commands via specially crafted requests. CVSSv3 score of 9.8
More info.
An improper certificate validation vulnerability in FortiOS may allow a remote attacker in a MitM position to decipher and alter the FortiLink communication channel between the FortiOS device and a FortiSwitch instance. CVSSv3 score of 4.4
More info.
A out-of-bounds write vulnerability in FortiOS may allow a remote attacker to execute arbitrary code or command via specially crafted HTTP requests. CVSSv3 score of 9.6
More info.
HTTP/2 Rapid Reset Attack has been patched in FortiOS and FortiProxy. CVSSv3 score of 5.3
More info.
Microsoft has updated Edge to fix the latest chromium vulnerabilities.
More info.
SmartFabric Storage Software remediation is available for multiple security vulnerabilities. Dell rates this Critical.
More info.
A new vulnerability has been reported in certain versions of Ivanti Connect Secure, Policy Secure, and ZTA. CVSSv3 score of 8.2
More info.
Wind River Studio Developer uses Jenkins, and is vulnerable to session hijacking, and CLI command execution. Highest CVSSv3 score of 8.8
More info.
Red Hat has updated the firmware. More info.
Ubuntu has updated the kernel. More info.
Mageia has updated the kernel. More info.