Google released its May 2025 security updates for Android, addressing 45 security vulnerabilities. One of the 45 vulnerabilities is an actively exploited zero-click FreeType 2 code execution vulnerability. CISA acknowledged the vulnerability’s active exploitation by adding it to its Known Exploited Vulnerabilities Catalog. CISA urged users to patch the flaw before May 27, 2025.
Tag: Out-of-Bound Write Vulnerability
FortiOS & FortiProxy Out-of-bounds Write Vulnerability in Captive Portal (CVE-2023-42789 & CVE-2023-42790)
Fortinet has released a patch to address two vulnerabilities impacting FortiOS and FortiProxy. Tracked as CVE-2023-42789 & CVE-2023-42790, the vulnerabilities are given a critical severity rating with a CVSS score of 9.3. Successful exploitation of the vulnerabilities may allow an attacker to execute unauthorized code.
FortiOS Out-of-Bound Write Vulnerability Under Active Exploitation (CVE-2024-21762)
Fortinet has addressed an out-of-bounds write vulnerability impacting FortiOS. Tracked as CVE-2024-21762, the vulnerability has a critical severity rating with a CVSS score 9.6. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests. Fortinet quoted in the advisory that vulnerability is potentially exploited … Continue reading “FortiOS Out-of-Bound Write Vulnerability Under Active Exploitation (CVE-2024-21762)”
