CVE-2022-40684 : FORTINET FORTIOS/FORTIPROXY ADMINISTRATIVE INTERFACE IMPROPER AUTHORIZATION

Description

A vulnerability was found in Fortinet FortiOS and FortiProxy and has been classified as very critical. It affects an unknown part of the Administrative Interface component. The manipulation leads to privilege escalation. The vulnerability is uniquely identified as CVE-2022-40684. The attack can be initiated remotely. There is no exploit available. Upgrading the affected component is recommended.

References

https://vuldb.com/?id.210272

For More Information

MITRE

Common Vulnerabilities and Exposures

CVE-2024-26817 : LINUX KERNEL UP TO 6.8.5 AMDKFD KZALLOC INTEGER OVERFLOW

Description In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer

CVE-2024-3400 : PALO ALTO NETWORKS PAN-OS GLOBALPROTECT COMMAND INJECTION

Description A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and

CVE-2024-21508 : MYSQL2 UP TO 3.9.3 READCODEFOR BIGNUMBERSTRINGS CODE INJECTION

Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due