Cisco disclosed three vulnerabilities in its management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software product.

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution.

Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.

This vulnerability is a remote-control execution vulnerability affecting Microsoft SharePoint Server. The vulnerability was assigned a CVSSv3 score of 7.2 and could allow an authenticated site owner to execute code on an affected SharePoint Server.

Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device.

An improper neutralization of special elements used in a SQL command in Fortinet’s FortiClient EMS version 7.2.0 through 7.2.2. FortiClient EMS 7.0.1 through 7.0.10 allows attackers to execute unauthorized code or commands via specially crafted packets.