CVE-2024-21762 and CVE-2024-23113 - Fortinet FortiOS Vulnerabilities Under Active Exploit
Fortinet has been busy patching several critical vulnerabilities in their popular FortiOS firewall platform. According to advisories and reports from Fortinet's PSIRT team as well as third-party researchers, a number of these flaws have already been exploited actively in targeted attacks. CVE-2024-21762 - Out-of-Bounds Write RCE The Fortinet
Critical Jenkins Vulnerabilities CVE-2024-23897 and CVE-2024-23898 - An Advisory
On January 24, 2024, the Jenkins project team published a security advisory notifying users of two critical vulnerabilities, CVE-2024-23897 and CVE-2024-23898, affecting Jenkins 2.441 and earlier, and LTS 2.426.2. These vulnerabilities could allow unauthenticated remote attackers to execute arbitrary code on Jenkins servers.
CVE-2023-22527 - A Critical Remote Code Execution Vulnerability in Atlassian Confluence
Atlassian disclosed a critical remote code execution (RCE) vulnerability in their collaboration software Confluence on January 16, 2024. Designated as CVE-2023-22527, this vulnerability posed a serious risk to any outdated and unpatched Confluence instances that were exposed to the internet. With a CVSS severity score of 10.0, this vulnerability