Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review Microsoft Advisory ADV200004 and apply …
Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system. TTCSIRT encourages users and administrators to review Juniper Security Advisory JSA 11021 and apply the necessary updates: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11021
Suse has released security update for Apache2 to address three vulnerabilities such as CVE-2020-1927, CVE-2020-1934 and CVE-2020-1938. This update fixes the following issues: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). CVE-2020-1938: mod_proxy_ajp: Add “secret” parameter to proxy workers to implement …
A Stored Cross-Site Scripting (XSS) vulnerability in VMware ESXi was privately reported to VMware. Patches are available to address this vulnerability in affected VMware products. VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955). The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the …
An improper authentication vulnerability in FortiMail and FortiVoiceEntreprise may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface. As a result, this can lead to Improper Access Control. Products Affected: FortiMail versions 5.4.10 and below.FortiMail versions 6.0.7 and below.FortiMail versions 6.2.2 and …