CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

**![](https://fortiguard.com/static/images/icons/psirt.svg?v=4940) PSIRT Advisories**

**FortiOS - Buffer overflow in TFTP client library of CLI**

**Summary**

A buffer overflow \[CWE-121\] in the TFTP client library of FortiOS, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

**Affected Products**

FortiOS versions 6.0.13 and below,  
FortiOS versions 6.2.9 and below,  
FortiOS versions 6.4.7 and below,  
FortiOS versions 7.0.2 and below.

**Solutions**

Upgrade to FortiOS 7.0.3 or above,  
Upgrade to FortiOS 6.4.8 or above,  
Upgrade to FortiOS 6.2.10 or above,  
Upgrade to FortiOS 6.0.14 or above.

**Acknowledgement**

Internally discovered and reported by Giuseppe Cocomazzi of Fortinet Product Security team.

Headline

CVE-2021-42757: Fortiguard

CVE: Latest News