Skip to main content

CND News and Blog

New Vulnerabilities Wednesday 09 April


Monthly Patches are out for Fortinet, Microsoft, Adobe, and Ivanti. New Alerts for Google Chrome, Arista, and Linux.

Fortinet 

Monthly Patches are out with 10 new bulletins, 1 rated Critical, 2 rated High, 5 rated Medium, and 2 rated Low. Highest CVSSv3 score of 9.3
More info.

An unverified password change vulnerability in FortiSwitch GUI may allow a remote attacker to modify admin passwords via a specially crafted request. CVSSv3 score of 9.3
More info.

Microsoft 

Microsoft Monthly Patches include 126 fixes, one currently being exploited in the wild. Highest CVSSv3 score of 8.8
More info. And here.

Adobe 

Adobe Monthly Patches include security fixes for ColdFusion, After Effects, Media Encoder, Bridge, Commerce, AEM Forms, Premiere Pro, Photoshop, Animate, AEM Screens, FrameMaker, and XMP Toolkit SDK. Highest CVSSv3 score of 9.1
More info.

Google 

Google has updated Chrome for Desktop to fix 2 security vulnerabilities.
More info.

Arista 

On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear. CVSSv3 score of 9.1
More info.

Ivanti 

Ivanti Monthly Patches include 1 bulletin for Endpoint Manager. Highest CVSSv4 score of 7.8
More info.

Linux 

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/