A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server
Overview : A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request
Website Security using Web Application Firewall – Prophaze WAF
Overview : A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request
[vc_row][vc_column][vc_column_text] Overview : An improper neutralization of input vulnerability in the Anomaly Detection interface of FortiWeb may allow a remote
[vc_row][vc_column][vc_column_text] Overview : A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a
[vc_row][vc_column][vc_column_text] Overview : The Spotfire library component of TIBCO Software Inc.’s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO
[vc_row][vc_column][vc_column_text] Overview : In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere’s web console uses the SnakeYAML library for parsing YAML
[vc_row][vc_column][vc_column_text] Overview : Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB
[vc_row][vc_column][vc_column_text] Overview : An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote
Google chrome’s anti-phishing algorithms show false positives? While trying to login to the internet banking website of India’s No:1 Private
Overview : TOPMeeting security issues fixed. Affected Product(s) : TOPMeeting before version 8.8 Vulnerability Details : CVE ID : CVE-2019-13409
Overview : Cisco Aironet Access Points Unauthorized Access Vulnerability CWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could
Overview : IBM Maximo Anywhere does not have device root detection which could result in an attacker gaining sensitive information
Overview : vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter. Affected Product(s) : vBulletin 5.5.4 Vulnerability
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
Jenkins Credentials Binding plugin is under attack to an info: disclosure vulnerability. Illigal use of this issue to gain control
Qualcomm Components are prone to an integer-underflow vulnerability because they fail to sufficiently validate an integer value. Attackers can exploit
Linux LibreOffice is under attack to a remote code-execution vulnerability and unauthorized-access vulnerability. Attackers use these issues to execute arbitrary
KDE KAuth was found to be prone to local privilege escalation vulnerability.An attacker can take advantage of this vulnerability to
LibreOffice was found to be prone to remote code execution vulnerability and also was affected with unauthorised access vulnerability. An
Qualcomm Components was found to be prone to integer -underflow vulnerability. They were failing in validating an integer value. An
Jenkins Credential binding plugin was found to be prone information -disclosure vulnerability. An attacker can take advantage of this vulnerability
GNU Binutils ‘libiberty’ was found to be prone to an integer overflow vulnerability as it fails to properly bound check
Exim was found to be prone to a privilege escalation vulnerability. An attacker can make use of this vulnerability to
FFmpeg was found to be prone to Security Bypass Vulnerability. An attacker can take advantage of this issue to bypass
Scapy was found to be prone to Remote Denial of Service Vulnerability. An attacker can make use of this issue