CVE-2023-35087 : ASUS RT-AX56U V2/RT-AC86U CM_PROCESSCHANGEDCONFIGMSG FORMAT STRING
Description It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking
CVE-2023-37292 : HGIGA ISHERLOCK PRIOR 4.5-174/5.5-174 OS COMMAND INJECTION
Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in HGiga iSherlock 4.5 (iSherlock-user
What Is Broken Object Level Authorization? How To Prevent Such Vulnerabilities?
Broken Object Level Authorization is a security vulnerability that allows an attacker to access and manipulate data or functionality that
What Is OWASP Automated Threat (OAT – 019) – Account Creation?
Account creation is an essential process in web application security, but it is also a target for automated attacks. One
What Is A Brute Force Attack? What Are The Measures To Prevent Brute-force Attacks?
A brute-force attack is a method of guessing a password or other authentication credential by trying multiple combinations until the
What Is Protocol Validation? Why It’s Important?
Protocol validation is a critical aspect of cybersecurity that involves verifying whether network protocols adhere to industry standards and specifications.
What Is Input Validation And Why Is It Important?
Input validation is the process of verifying the integrity of data that is received by an application or system. This
What is Audit logging?
Audit logging is a critical component of cybersecurity that helps organizations monitor and record events that occur within their systems
What Is Vulnerability Scanning?
Vulnerability scanning is the process of systematically scanning and identifying potential security vulnerabilities in a system or network. This involves
What Is Token Cracking? What Are The Common Token Cracking Attacks?
Token cracking is a type of OWASP-identified automated threat that involves an attacker attempting to guess or crack access tokens
What Is Spamming?
Spamming is a prevalent OWASP-identified automated threat that is used by attackers to flood web applications with unwanted and unsolicited
What Is A Sniping Attack? How To Prevent It?
Sniping is an OWASP-identified automated threat that is commonly used by attackers to exploit the weaknesses of web applications. This
What Is A Skewing Attack?
Skewing is an OWASP identified automated threat that is commonly used by attackers to bypass security measures and gain unauthorized
CVE-2023-37289 : INFINITY DOCUMENT ON-LINE SUBMISSION AND APPROVAL SYSTEM 22547/22567 UNRESTRICTED UPLOAD
Description It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in
What Is Scraping?
Scraping is a common OWASP-identified automated threat, used by attackers to automate the collection of data from websites. It involves
What Is Footprinting?
Footprinting is a type of OWASP-identified automated attack that involves gathering information about a target system or network to identify
What Is Fingerprinting? How To Protect Against Fingerprinting Attacks?
Fingerprinting is a type of OWASP automated threat that is used to identify information about a target system or network.
What Is OAT-006 Expediting Attacks?
Expediting attacks, also known as “rush attacks”, are a type of OWASP automated threat that targets a business’s system or
CVE-2023-22018 : ORACLE VM VIRTUALBOX CORE REMOTE CODE EXECUTION
Description Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior
What Is Denial Of Service Attack? What Are The Different Types Of Denial Of Service Attacks?
Denial of Service (DoS) attacks have become increasingly prevalent in recent years. A DoS attack is an attempt to disrupt
CVE-2023-33193 : EMBY SERVER UP TO 4.7.11/4.8.30 REQUEST SMUGGLING
Description Emby Server is a user-installable home media server which stores and organizes a user’s media files of virtually any
What Is OWASP? Describe The OWASP Top 10?
Web applications have become an integral part of modern business operations. They enable companies to interact with their customers, employees,
What Is An HTTP Flood DDoS Attack?
An HTTP flood DDoS attack is a type of cyber attack that aims to overwhelm a web server with a
CVE-2023-21515 : SAMSUNG GALAXY STORE PRIOR 4.5.49.8 APK INPUT VALIDATION
Description InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to