CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.

** PSIRT Advisories**

**FortiClient - Privilege escalation in FortiClient installer**

**Summary**

An external control of file name or path vulnerability \[CWE-73\] in FortiClient Windows may allow an unprivileged attacker to delete or execute files with admin rights via the MSI installer.

**Affected Products**

FortiClientWindows version 6.0.X  
FortiClientWindows version 6.2.X  
FortiClientWindows version 6.4.0 through 6.4.6  
FortiClientWindows version 7.0.0 through 7.0.2

**Solutions**

Upgrade to FortiClient 7.0.3 or above  
Upgrade to FortiClient 6.4.7 or above

**Acknowledgement**

Ilias Dimopoulos of RedyOps Research Labs

Headline

CVE-2021-43066: Fortiguard

CVE: Latest News