Home Security Threat Intelligence Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says

Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says

May 25, 2021

721

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2016-20011
PUBLISHED: 2021-05-25

libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync.

CVE-2020-20453
PUBLISHED: 2021-05-25

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service

CVE-2020-25672
PUBLISHED: 2021-05-25

A memory leak vulnerability was found in Linux kernel in llcp_sock_connect

CVE-2021-20209
PUBLISHED: 2021-05-25

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured.

CVE-2020-20450
PUBLISHED: 2021-05-25

FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.

Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says

Follow us on Instagram @thecyberpost

EDITOR PICKS

From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing...

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

Initial Access Brokers Shift Tactics, Selling More for Less

POPULAR POSTS

Oracle Database Password Hash Unauthorized Access

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

POPULAR CATEGORY

Researchers Unearth 167 Fake iOS & Android Trading Apps

Industrial Systems See More Vulnerabilities, Greater Threat

FBI: BEC Scammers Could Abuse Email Auto-Forwarding