Vulnerability Assessment And Penetration Testing (VAPT)
Why would your Business need VAPT? It is very necessary to conduct a network security audit periodically to ensure the
Deploying Prophaze WAF On-Premises On AWS
Protect Your on-premises AWS Workloads with Prophaze WAF Deploying Prophaze WAF on your on-premises AWS workloads allows you to have
Vulnerability Scanner: Everything You Need to Know
A vulnerability scanner is a program that searches for vulnerabilities on a network, analyzing the attack surface. This software is
Amazon AWS CloudFront TLSv1.2_2019 inadequate encryption [CVE-2020-36363]
A vulnerability was found in Amazon AWS CloudFront TLSv1.2_2019 (Cloud Software). It has been declared as problematic. This vulnerability affects
Claws Mail/Sylpheed Link textview.c textview_uri_security_check Privilege Escalation
A vulnerability classified as problematic was found in Claws Mail and Sylpheed (Mail Client Software) (affected version unknown). Affected by
Vulnerability Assessment and Penetration Testing (VAPT)
Why would your Business need VAPT? It is very necessary to conduct a network security audit periodically to ensure the
unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by
TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms,
[vc_row][vc_column][vc_column_text] Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic
Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1
Overview : Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update
TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server
[vc_row][vc_column][vc_column_text] Overview : The Spotfire library component of TIBCO Software Inc.’s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO
Apache ShardingSphere(incubator) deserialization vulnerability
[vc_row][vc_column][vc_column_text] Overview : In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere’s web console uses the SnakeYAML library for parsing YAML
AWS Firecracker through v0.19.0 has a Buffer Overflow vuln
Overview : A logical error in bounds checking performed on vsock virtio descriptors can be used by a malicious guest
Apache NiFi 1.3.0 – 1.9.2 cyber flaws released
Overview : Multiple flaws was discovered in NiFi versions 1.3.0 to 1.9.2 Affected Product(s) : Apache NiFi 1.3.0 – 1.9.2
PostgreSQL security flaws
Overview : Multiple flaws was discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
What Lies Beyond Critical RunC Vulnerabilities in Docker | Prophaze
A new vulnerability was found in runC command line tool, also known as Leaky Vessels, impacting the runtime engine for
RBI Mandated Web Application Firewall On Digital Products | Prophaze
The Reserve Bank of India (RBI) has recently mandated the implementation of web application firewalls (WAFs) and DDoS mitigation techniques
What Is Jenkins? What Are The Best Practices For Jenkins Security?
Jenkins is an open-source automation server that has emerged as a popular tool for streamlining software development workflows. In this
What Is Tsunami Google?
Tsunami is an open-source cybersecurity framework developed by Google. It enables security professionals to conduct large-scale, high-fidelity network security assessments,
Application Security Posture Management (ASPM)
Empowering Businesses with Application Security Posture Management The landscape of cybersecurity continues to change rapidly, making it difficult for businesses
Troubleshooting CoreDNS Issues In MicroK8s: A Technical Deep Dive
MicroK8s is a versatile tool for deploying Kubernetes clusters with minimal overhead. However, when dealing with production-like projects or even
Why WAF Is Important?
Why WAF Is Important? Enhance your web security and safeguards with a Web Application Firewall (WAF) by understanding its importance
What Is XML External Entity Injection? How To Prevent XXE Attacks?
Have you ever wondered how important XML is? And how insecure it can be if XML is parsed in an
What Is Components With Known Vulnerabilities? How To Mitigate The Risks Associated With The Usage Of Such Components?
Using vulnerable and outdated components is the sixth category in OWASP Top 10 web application security risks and one of
What Is Cross-site Scripting?
All about Cross-site Scripting Cross-site scripting (XSS) is a type of web vulnerability that allows attackers to inject malicious scripts