This week we have 37 vendor disclosures from B&R, Broadcom, FortiGuard (28), GE Vernova (2), HP (2), HPE (2), and Moxa (3).
Advisories
B&R Advisory - B&R published an advisory
that describes a use of broken or risky cryptographic algorithm vulnerability in
their Automation Run Time and Mapp View products.
Broadcom Advisory - Broadcom published an
advisory that discusses two missing verification for short frame vulnerabilities
in their Brocade ASCG product.
FortiGuard Advisory #1 - FortiGuard published an advisory that describes
an operation on a resource after expiration or release vulnerability in their
FortiManager product.
FortiGuard Advisory #2 - FortiGuard published an advisory that describes
a path traversal vulnerability in their FortiAnalyzer and FortiManager products.
FortiGuard Advisory #3 - FortiGuard published an advisory that describes
a path traversal vulnerability in their FortiManager product.
FortiGuard Advisory #4 - FortiGuard published an advisory that describes
a path traversal vulnerability in their FortiAnalyzer and FortiManager
products.
FortiGuard Advisory #5 - FortiGuard published an advisory that describes
an authentication bypass using an alternate path or channel vulnerability
(listed in CISA’s KEV catalog) in their
FortiOS and FortiProxy products.
FortiGuard Advisory #6 - FortiGuard published an advisory that describes
an OS command injection vulnerability in their FortiManager product.
FortiGuard Advisory #7 - FortiGuard published an advisory that describes
an insertion of sensitive data into sent data vulnerability in their FortiOS
product.
FortiGuard Advisory #8 - FortiGuard published an advisory that describes
an HTTP request/response splitting vulnerability in their FortiOS and
FortiProxy products.
FortiGuard Advisory #9 - FortiGuard published an advisory that describes
an OS command injection vulnerability in their FortiAP products.
FortiGuard Advisory #10 - FortiGuard published an advisory that
describes a use of hard-coded cryptographic key vulnerability in their
FortiSwitch products.
FortiGuard Advisory #11 - FortiGuard published an advisory that describes
an origin validation error vulnerability in their FortiOS products.
FortiGuard Advisory #12 - FortiGuard published an advisory that describes
an integer overflow or wraparound vulnerability in their FortiOS products.
FortiGuard Advisory #13 - FortiGuard published an advisory that describes
a missing authentication for critical function vulnerability in their
FortiManager products.
FortiGuard Advisory #14 - FortiGuard published an advisory that describes
an allocation of resources without limit or throttling vulnerability in their FortiOS
products.
FortiGuard Advisory #15 - FortiGuard published an advisory that describes
two incorrect privilege assignment vulnerabilities in their FortiAnalyzer and
FortiManager products.
FortiGuard Advisory #16 - FortiGuard published an advisory that describes
two NULL pointer dereference vulnerabilities in their FortiOS products.
FortiGuard Advisory #17 - FortiGuard published an advisory that describes
an OS command injection vulnerability in their FortiManager products.
FortiGuard Advisory #18 - FortiGuard published an advisory that describes
an out-of-bounds read vulnerability in their FortiOS products.
FortiGuard Advisory #19 - FortiGuard published an advisory that describes
an out-of-bounds write vulnerability in their FortiOS product.
FortiGuard Advisory #20 - FortiGuard published an advisory that describes
an out-of-bounds write vulnerability in their FortiAnalyzer and FortiManager
products.
FortiGuard Advisory #21 - FortiGuard published an advisory that describes
two path traversal vulnerabilities in multiple FortiGuard products.
FortiGuard Advisory #22 - FortiGuard published an advisory that describes
an OS command injection vulnerability in their FortiSwitch products.
FortiGuard Advisory #23 - FortiGuard published an advisory that describes
an SQL injection vulnerability in their FortiAnalyzer and FortiManager products.
FortiGuard Advisory #24 - FortiGuard published an advisory that describes
an out-of-bounds read vulnerability in their FortiOS products.
FortiGuard Advisory #25 - FortiGuard published an advisory that describes
a stack-based buffer overflow vulnerability in their FortiAnalyzer and
FortiManager products.
FortiGuard Advisory #26 - FortiGuard published an advisory that describes
an allocation of resources without limit or throttling vulnerability in their
FortiOS products.
FortiGuard Advisory #27 - FortiGuard published an advisory that describes
2 weak authentication vulnerabilities in multiple products.
FortiGuard Advisory #28 - FortiGuard published an advisory that describes
an externally controlled reference to a resource in another sphere vulnerability
in multiple FortiGuard products.
GE Vernova Advisory #1 - GE published an
advisory that describes two vulnerabilities (both listed in CISA’s Known
Exploited Vulnerabilities catalog) in their Control Server installations
utilizing VMware vCenter Server.
GE Vernova Advisory #2 - GE published an
advisory that discusses an Ivanti Security
Controls incorrect default permissions vulnerability.
HP Advisory #1 - HP published an
advisory that discusses seven vulnerabilities in multiple HP products.
HP Advisory #3 - HP published an advisory that discusses
468 vulnerabilities in their ThinPro computer.
HPE Advisory #1 - HPE published an
advisory that describes two vulnerabilities in their AOS-8 and AOS-10
Command Line Interface.
HPE Advisory #2 - HPE published an
advisory that discusses twelve vulnerabilities in their HP-UX Apache Web
Server.
Moxa Advisory #1 - Moxa published an
advisory that describes a missing authentication for critical function
vulnerability in their Ethernet Switches.
Moxa Advisory #2 - Moxa published an
advisory that describes a cross-site scripting vulnerability in their MGate
5121/5122/5123 series products.
Moxa Advisory #3 - Moxa published an
advisory that describes a reliance on security through obscurity
vulnerability in their EDS-508A series Ethernet switches.