Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device.

An improper neutralization of special elements used in a SQL command in Fortinet’s FortiClient EMS version 7.2.0 through 7.2.2. FortiClient EMS 7.0.1 through 7.0.10 allows attackers to execute unauthorized code or commands via specially crafted packets.

Multiple critical and high-severity vulnerabilities have been found in Microsoft Exchange Servers. This vulnerability can be exploited by an attacker to bypass the SmartScreen user experience and attackers to take control of affected servers, steal data, or disrupt operations.

Multiple critical and high-severity vulnerabilities have been found in Joomla, a popular content management system (CMS). These vulnerabilities could allow attackers to inject malicious code into Joomla websites, steal data, or take control of websites.

The Zimbra team released a fix that addresses an XSS vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of data. This vulnerability has been actively exploited, making it imperative to take immediate action.

Fortinet alerted its customers of an improper neutralization of special elements used in an OS Command vulnerability in FortiSIEM report server that may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API request.