Monthly Patches for Fortinet are out. New Alerts for GE Grid Solutions, HPE, Apache, InfiRay, and Linux.
Fortinet
Fortinet Monthly Patches are out, with 7 new bulletins, 1 rated Critical, 3 rated High, and 3 Medium. Highest CVSSv3 score of 9.
More info.
Fortinet has updated Apache Airflow library to address security vulnerabilities that affect some Fortinet products. CVSSv3 score of 9
More info.
A use of hard-coded cryptographic key vulnerability in FortiDDoS API may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device. CVSSv3 score of 7.8
More info.
In several GE Renewable Energy products, setting the HTTP server TCP Port number to 0 is intended to disable HTTP, but it doesn't.
More info.
Security vulnerabilities have been identified with the HP-UX Common Internet File System (CIFS) Client/Server software. These vulnerabilities could be exploited remotely to allow unauthorized access to data, compromise system integrity, escalation of privilege, disclosure of information and bypass authentication restrictions. Highest CVSSv3 score of 7.5
More info.
Apache HTTP Server has been updated to correct several security vulnerabilities, 1 rated Moderate and the rest rated Low.
More info.
The IRAY A8Z3 thermal camera for industrial application, manufactured by Infiray/IRay Technologies, is affected by multiple vulnerabilities.
More info.
Ubuntu has updated the kernel. More info.