Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 72 of 28407

Buffer Overflow via fortips driver

Posted by Cyberthreat Blog | Nov 18, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 7.1 A Heap-based Buffer Overflow vulnerability [CWE-122] in FortiClient Windows may allow an authenticated local IPSec user to execute arbitrary code or commands via “fortips_74.sys” driver. The...

CRLF Header Injection in webmail user GUI

Posted by Cyberthreat Blog | Nov 18, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 3.9 A CRLF Header Injection vulnerability [CWE-93] in FortiMail user GUI may allow an attacker to inject headers in the response via convincing a user to click on a specifically crafted link Revised on 2025-11-18...

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Posted by Cyberthreat Blog | Nov 18, 2025 | The Hacker News |

Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the wild. The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0. “An...

Cleartext credentials in diagnose output

Posted by Cyberthreat Blog | Nov 18, 2025 | Fortinet PSIRT Advisories |

CVSSv3 Score: 3.8 A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in FortiPAM may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators’...

New Startup Mate Launches With AI-Driven Security Operations Platform

Posted by Cyberthreat Blog | Nov 18, 2025 | DARKREADING |

Security teams can combat alert fatigue, high rates of false positives, and reduce time spent on...

Author: Cyberthreat Blog

Buffer Overflow via fortips driver

CRLF Header Injection in webmail user GUI

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Cleartext credentials in diagnose output

New Startup Mate Launches With AI-Driven Security Operations Platform