CVE-2024-21762 and CVE-2024-23113 - Fortinet FortiOS Vulnerabilities Under Active Exploit Members Public

Fortinet has been busy patching several critical vulnerabilities in their popular FortiOS firewall platform. According to advisories and reports from Fortinet's PSIRT team as well as third-party researchers, a number of these flaws have already been exploited actively in targeted attacks. CVE-2024-21762 - Out-of-Bounds Write RCE The Fortinet

Altitude Security
Advisories

Critical Jenkins Vulnerabilities CVE-2024-23897 and CVE-2024-23898 - An Advisory Members Public

On January 24, 2024, the Jenkins project team published a security advisory notifying users of two critical vulnerabilities, CVE-2024-23897 and CVE-2024-23898, affecting versions of Jenkins prior to Jenkins 2.441 and earlier, LTS 2.426.2. These vulnerabilities could allow unauthenticated remote attackers to execute arbitrary code on Jenkins servers.

Altitude Security
Advisories

CVE-2023-22527 - A Critical Remote Code Execution Vulnerability in Atlassian Confluence Members Public

Atlassian disclosed a critical remote code execution (RCE) vulnerability in their collaboration software Confluence on January 16, 2024. Designated as CVE-2023-22527, this vulnerability posed a serious risk to any outdated and unpatched Confluence instances that were exposed to the internet. With a CVSS severity score of 10.0, this vulnerability

Altitude Security
Advisories

Authors →

Altitude Security