all InfoSec news
OpenSSL3 CVE-2022-3602 CVE-2022-3786 vulnerabilities
Oct. 28, 2022, 7 a.m. |
FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a …
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories
FortiOS - Web server ETag exposure
3 weeks, 2 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file read on endpoint
3 weeks, 2 days ago |
fortiguard.fortinet.com
FortiNAC-F - Lack of certificate validation
3 weeks, 2 days ago |
fortiguard.fortinet.com
FortiOS - Format String in CLI command
3 weeks, 2 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file delete on endpoint
3 weeks, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Associate Manager, BPT Infrastructure & Ops (Security Engineer)
@ SC Johnson | PHL - Makati
Cybersecurity Analyst - Project Bound
@ NextEra Energy | Jupiter, FL, US, 33478
Lead Cyber Security Operations Center (SOC) Analyst
@ State Street | Quincy, Massachusetts
Junior Information Security Coordinator (Internship)
@ Garrison Technology | London, Waterloo, England, United Kingdom
Sr. Security Engineer
@ ScienceLogic | Reston, VA