What Is Cross-site Scripting?
All about Cross-site Scripting Cross-site scripting (XSS) is a type of web vulnerability that allows attackers to inject malicious scripts
CVE-2023-27876 : IBM TRIRIGA 4.0 XML EXTERNAL ENTITY REFERENCE
Description IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote
CVE-2023-20102 : CISCO SECURE NETWORK ANALYTICS HTTP REQUEST DESERIALIZATION
Description A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to
What Is Meant By Broken Access Control?
What is meant by Broken Access Control? Broken access control is the first category in OWASP Top 10 web application
Deploying Prophaze WAF On-Premises On GCP
Prophaze WAF is a security tool that can secure your web applications from various attacks. It can be deployed on
CVE-2023-28843 : PAYPAL UP TO 3.16.3 ON PRESTASHOP SQL INJECTION
Description PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL
Deploying Prophaze WAF On-Premises On Azure
Secure Your on-premises Azure Environment with Prophaze WAF On-premises Azure Environment deploys Azure services and resources on servers within an
API Security
Prophaze API Security AI-Powered Protection for Every API. Zero Compromise Prophaze API Security offers next-gen protection for your APIs with
Deploying Prophaze WAF On-Premises On AWS
Protect Your on-premises AWS Workloads with Prophaze WAF Deploying Prophaze WAF on your on-premises AWS workloads allows you to have
CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW
Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to
What Is On-Premises? How Prophaze Supports On-Premises?
Overview On-premises means that a business installs and controls its own software, hardware, or infrastructure within its physical space. Prophaze
Prophaze’s WAF-as-a-Service
Prophaze’s WAF-as-a-Service Elevate Your Web Application Security with Prophaze’s WAF Prophaze’s WAF-as-a-Service is a reliable and effective solution to secure
What Is Broken Authentication? How It Works, And What Steps You Can Take To Prevent It?
Broken authentication is a common security vulnerability that occurs when an attacker is able to compromise the authentication process used
CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW
Description Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an
DDoS Protection
DDoS Protection Defending Against Distributed Denial of Service (DDoS) Attack Prophaze WAF protects website application from DDoS attacks by identifying
CVE-2023-26489 : WASMTIME 4.0.0/5.0.0/6.0.0 ON 64-BIT OUT-OF-BOUNDS WRITE
Description wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime’s code generator, Cranelift, has a bug
CVE-2023-27290 : IBM OBSERVABILITY WITH INSTANA MISSING AUTHENTICATION
Description Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do
Securing 3rd party API Integrations
Prophaze offers a wide range of cybersecurity solutions, including securing third-party API integrations. Helps to identify and mitigate potential security
CVE-2022-47986 : IBM ASPERA FASPEX 4.4.1 YAML DESERIALIZATION
Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on
CVE-2022-45699 : APSYSTEMS ECU-R 5203 ADMINISTRATION INTERFACE TIMEZONE COMMAND INJECTION
Description Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary
CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE
Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when
CVE-2023-22741 : SOFIA-SIP UP TO 1.12.4 LENGTH STUN_PARSE_ATTRIBUTE BUFFER OVERFLOW
Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both
On Premises WAF
On-Premises WAF Prophaze WAF Supports On-Premises Prophaze WAF support on-premises deployment to ensure compliance with security in industries such as
CVE-2021-32824 : APACHE DUBBO UP TO 2.6.9/2.7.9 TELNET DESERIALIZATION
Description Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to