Monthly Patches are out for Microsoft, Adobe, Fortinet, and Atlassian. New Alerts for Bosch and Linux.
Microsoft
Microsoft Monthly Patches include 35 new patches, 4 are rated Critical, 30 are rated Important, and 1 is rated Moderate. There are also 5 chromium vulnerabilities fixed in Edge. Highest CVSSv3 score of 9.6. One vulnerability was public.
More info. And here. And here.
Adobe Monthly Patches are out with updates for Prelude, Illustrator, InDesign, Dimension, Experience Manager, Substance3D Stager, Substance3D Sampler, Substance3D After Effects, and Substance3D Designer. Highest CVSSv3 score of 7.8
More info.
Fortinet has release 12 advisories as part of their Monthly Patches. Highest CVSSv3 score of 9.
More info.
An improper access control vulnerability in FortiMail configured with RADIUS authentication and remote_wildcard enabled may allow a remote attacker to bypass admin login via a crafted HTTP request. CVSSv3 score of 9.
More info.
An improper output neutralization for logs vulnerability in FortiWeb Traffic Log component may allow a remote attacker to forge traffic logs via a crafted URL of the web application. CVSSv3 score of 4.9
More info.
An improper access control vulnerability in FortiOS and FortiProxy allows a remote attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update. CVSSv3 score of 2.8
More info.
A security vulnerability in Bosch BT software products allows a remote attacker to interrupt normal functions and cause a DoS. Highest CVSSv3 score of 7.5
More info.
Atlassian has published their monthly bulletin for non-critical vulnerabilities. Highest CVSSv3 score of 7.5
More info.
OpenSUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.