Fortra disclosed a critical-severity SQL injection flaw in FileCatalyst Workflow, and researchers have also published a proof-of-concept exploit code for the bug.
The flaws include a critical-severity MOVEit Transfer authentication bypass bug (CVE-2024-5806).
Researchers are detailing 21 recently patched vulnerabilities that impact certain Sierra Wireless routers, including one critical-severity and nine high-severity flaws.
The actively exploited flaw in Ivanti Endpoint Manager Mobile can be used in conjunction with another zero day addressed last week.
After deploying two patches, Barracuda said that businesses impacted by an actively exploited flaw must immediately replace their ESG appliances.