CVE-2023-48782 : FORTINET FORTIWLM UP TO 8.6.5 HTTP GET REQUEST OS COMMAND INJECTION
Description A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0
CVE-2023-32460 : DELL POWEREDGE PLATFORM PRIOR 2.20.1 BIOS MISSING AUTHENTICATION
Description Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability,
CVE-2023-6514 : HUAWEI AJMD-370S 103.1.0.110(SP12C00E2R1P2) BLUETOOTH MODULE LOGIC ERROR
Description The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this
CVE-2023-22523 : ATLASSIAN ASSETS DISCOVERY CLOUD ASSETS DISCOVERY AGENT REMOTE CODE EXECUTION
Description This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets
CVE-2023-49070 : APACHE OFBIZ UP TO 18.12.9 CODE INJECTION
Description Pre-auth RCE in Apache Ofbiz 18.12.09. It’s due to XML-RPC no longer maintained still present. This issue affects Apache
CVE-2023-40699 : IBM INFOSPHERE INFORMATION SERVER 11.7 DENIAL OF SERVICE
Description IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper
Consumer Alert: Staying Cyber-Safe Amidst The Holiday Shopping Surge
As the holiday season is upon us and the festivities begin to heat up, at the very least, it also
CVE-2023-42917 : APPLE IOS/IPADOS WEB CONTENTS MEMORY CORRUPTION
Description A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2,
CVE-2023-4474 : ZYXEL NAS326/NAS542 WSGI SERVER OS COMMAND INJECTION
Description The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542
CVE-2023-46589 : APACHE TOMCAT UP TO 8.5.95/9.0.82/10.1.15/11.0.0-M10 HTTP TRAILER HEADER REQUEST SMUGGLING
Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82
CVE-2023-48188 : OPARTDEVIS MODULE UP TO 4.5.18/4.6.12 ON PRESTASHOP GETMODULETRANSLATION SQL INJECTION
Description SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a
CVE-2023-5972 : LINUX KERNEL UP TO 6.6-RC6 NETLINK ATTRIBUTE NFT_INNER.C NULL POINTER DEREFERENCE
Description A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue
CVE-2023-6263 : NETWORK OPTIX NXCLOUD PRIOR 23.1.0.40440 VMS SERVER AUTHENTICATION SPOOFING
Description An issue was discovered in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server
CVE-2023-48239 : NEXTCLOUD SERVER/ENTERPRISE SERVER UP TO 27.1.3 EXTERNAL STORAGE ACCESS CONTROL
Description Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to
CVE-2023-4149 : WAGO INDUSTRIAL MANAGED SWITCH WEB-BASED MANAGEMENT OS COMMAND INJECTION
Description A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full
CVE-2023-6019 : RAY URL PARAMETER CPU_PROFILE OS COMMAND INJECTION
Description A command injection exists in Ray’s cpu_profile URL parameter allowing attackers to execute os commands on the system running
CVE-2023-45616 : HPE ARUBAOS AIRWAVE CLIENT SERVICE BUFFER OVERFLOW
Description There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code
CVE-2023-31403 : SAP SAP BUSINESS ONE 10.0 SMB SHARED FOLDER ACCESS CONTROL
Description SAP Business One installation – version 10.0, does not perform proper authentication and authorization checks for SMB shared folder.
CVE-2023-39295 : QNAP QUMAGIE UP TO 2.1.2 OS COMMAND INJECTION
Description An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users
Surge In DDoS Attacks Amidst Israel-Hamas Conflict | Prophaze
Prophaze Highlights the Digital Frontline in Israel-Hamas Conflict In recent times, the world has witnessed an alarming surge in Distributed
CVE-2023-36409 : Microsoft Edge Information Disclosure
Description Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36409 For More Information CVERecord
CVE-2023-4295 : ARM VALHALL GPU KERNEL DRIVER PRIOR R42P0 INTEGER OVERFLOW
Description A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. References
CVE-2023-33045 : QUALCOMM 8 GEN 1 MOBILE PLATFORM NAN MANAGEMENT FRAME MEMORY CORRUPTION
Description Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. References https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin For More
Best Alternative To Stackpath On WAF And CDN For Web Security
When it comes to maintaining your online presence and increasing website performance, you need a robust WAF (Web Application Firewall)