Most Common Cyber Attacks You Must Be Aware of
Cyber attacks are one of the fastest-growing crimes in the cyber world. Cyberspace has become a major force in today’s
Make in India WAF
Make in India WAF Empowering Web Security with ‘Make in India’ Pride Prophaze navigates the complexities of the digital age,
Vulnerability Assessment and Penetration Testing (VAPT)
[vc_row][vc_column][vc_column_text] Why would your Business need VAPT? It is very necessary to conduct a network security audit periodically to ensure
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
[vc_row][vc_column][vc_column_text] Overview : NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user. Security
Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small.
[vc_row][vc_column][vc_column_text] Overview : Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer
MongoDB Enterprise Kubernetes Operator 1.2.5
[vc_row][vc_column][vc_column_text] Overview : X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the
Multiple vulnerabilities in EasyBlocks IPv6
[vc_row][vc_column][vc_column_text] Overview : Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and
Vulnerabilities Discovered in CIPAce Enterprise Platform
[vc_row][vc_column][vc_column_text] Overview : A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make
Data Center Security Privilege Escalation
[vc_row][vc_column][vc_column_text] Overview : Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers
[vc_row][vc_column][vc_column_text] Overview : PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the
security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144.
[vc_row][vc_column][vc_column_text] Overview : A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula.
[vc_row][vc_column][vc_column_text] Overview : The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to
PRTG-Network-Monitor-Information-Disclosure
[vc_row][vc_column][vc_column_text] Overview : PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the
unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
[vc_row][vc_column][vc_column_text] Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code
Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection
[vc_row][vc_column][vc_column_text] Overview : In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes
Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys.
[vc_row][vc_column][vc_column_text] Overview : Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an
CRLF/HTML entity injection with most recent version of PHPMyAdmin #16056
[vc_row][vc_column][vc_column_text] Overview : ** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF
In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.
[vc_row][vc_column][vc_column_text] Overview : In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.codeBeamer versions
Kubelet component in versions 1.15.0-1.15.9
[vc_row][vc_column][vc_column_text] Overview : The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a
NGINX Controller versions prior to 3.2.0,
[vc_row][vc_column][vc_column_text] Overview : In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API
TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms,
[vc_row][vc_column][vc_column_text] Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic
Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
[vc_row][vc_column][vc_column_text] Overview : Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo
ERPNext 11.1.47 allows blog?blog_category= Frame Injection.
[vc_row][vc_column][vc_column_text] Overview : ERPNext 11.1.47 allows blog?blog_category= Frame Injection. Affected Product(s) : Affected Software: ERPNext Affected Versions: 11.1.47 Vulnerability Details : CVE
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71
[vc_row][vc_column][vc_column_text] Overview : Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1