[FD] APPLE-SA-2019-9-27-1 iOS 13.1.1 and iPadOS 13.1.1

2019-10-01 Thread Apple Product Security via Fulldisclosure
APPLE-SA-2019-9-27-1 iOS 13.1.1 and iPadOS 13.1.1 iOS 13.1.1 and iPadOS 13.1.1 are now available and address the following: Sandbox Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impac

[FD] PDFex: Security weakness in PDF encryption

2019-10-01 Thread Jens Müller via Fulldisclosure
In the scope of academic research at Ruhr University Bochum and Münster and University of Applied Sciences, Germany, two severe flaws in the PDF encryption standard have been discovered, which both lead to full plaintext exfiltration in an active-attacker scenario. * Website, including proof-of-co

[FD] Duplicator Pro <= 1.3.14: Local Information Disclosure

2019-10-01 Thread Fulldisclosure Team
Product: Duplicator Pro Vendor: SnapCreek Website: https://snapcreek.com/ Discovered by: Evolution Hosting Version vulnerable: <= 1.3.14 Fixed in: 1.3.15+ Vulnerability Type: Information Disclosure, local exposure of entire webinstallation content remotely triggerable: not for itself. Needs wp

[FD] Metasploit Pro Includes a 4 year old Java Runtime with 223 vulnerabilities 53 being critical

2019-10-01 Thread Anthony Cicalla
A ticket was created with Rapid7 more than two months ago now regarding the 4 year old java library that is being included with Metasploit Pro. The library is responsible for 53 critical vulnerabilities in our scans. After 3 months the library has not been updated. Status

[FD] Fortinet FortiSIEM - Improper Certificate Validation

2019-10-01 Thread Andrew Klaus
Product Name: FortiSIEM Tested versions: 5.0, 5.2.1 Fixed in version: Only a manual workaround is available from Fortinet as of this writing Weakness Type: CWE-295 - Improper Certificate Validation Discovered by: Andrew Klaus (Cybera Canada) CVE: Pending == Disclosure Timeline: June 25, 2019: In