CVE-2023-30995 : IBM ASPERA FASPEX 5.0.5 HTTP REQUEST ACCESS CONTROL
Description IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP
Description Potential security vulnerabilities have been identified in Hewlett Packard Enterprise OneView Software. These vulnerabilities could be remotely exploited to
The Rising Threat of Massive Cyberattacks Cyberattacks have increased in complexity and scale, making it imperative for organizations and individuals
Description A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services
In today’s digital landscape, APIs have become the backbone of modern software development, enabling seamless integration and data exchange between
Description Memory corruption in WLAN Firmware while parsing received GTK Keys in GTK KDE. References https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin For More Information CVERecord
Securing Seamless Traffic Distribution on E-commerce Websites In today’s digital landscape, e-commerce websites are essential to connecting businesses with consumers.
Description A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is
Description Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected
Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability
Prophaze’s Prevention of Attacks on the Government Industry It is crucial for government agencies that depend on digital infrastructure to
Description Due to improper input validation, a remote attacker could execute arbitrary commands on the target system. References https://csirt.divd.nl/CVE-2023-25915 https://csirt.divd.nl/DIVD-2023-00025
Description N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login
Description Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior
Description Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for
Description IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on
Description Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI.
Description A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if
Description XXE injection in /rtc/post/ endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable
Attacks on Application Programming Interfaces (APIs) have become significant cybersecurity challenges in today’s digital landscape. Bot attacks on APIs involve
Bots have become a dominant force on the internet, with both positive and negative consequences. While some bots contribute to
Description Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially
Description Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows a local attacker to escalate privileges. References https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 For
Description Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow