CVE-2022-47952 : LXC UP TO 5.0.1 LXC-USER-NIC PRIVILEGE ESCALATION
Description lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file
CVE-2022-23555 : AUTHENTIK PRIOR 2022.10.4/2022.11.4/2022.12.0 IMPROPER AUTHENTICATION
Description authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable
CVE-2022-39165 : IBM AIX/VIOS CAA DENIAL OF SERVICE
Description IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA
CVE-2022-23477 : NEUTRINOLABS XRDP UP TO 0.9.20 AUDIN_SEND_OPEN BUFFER OVERFLOW
Description xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol
Security For Examination Portals
Security For Examination Portals The education sector has also been impacted greatly by the digitalisation post-Covid pandemic. Services have been
Prophaze WAF 3.0
Prophaze WAF 3.0 Prophaze WAF is the advanced, AI-powered solution you need to protect your web applications, APIs, microservices, and
Leading Power Industry strengthens API Security with Prophaze
Leading Power Industry strengthens API Security with Prophaze The reason behind choosing Prophaze is to reduce internal complexity, enhance API
Prophaze secures the healthcare industry
Prophaze Helps the Healthcare Industry from ransomware attacks Such a company facing this kind of attacks deployed Prophaze, and it
CVE-2022-41157 : KYUNGRINARA ERP SOLUTION SERP SERVER HARD-CODED CREDENTIALS
Description A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This
CVE-2022-41875 : OPTICA UP TO 0.10.1 JSON OJ.SAFE_LOAD DESERIALIZATION
Description A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON
CVE-2022-2475 : HAAS CONTROLLER 100.20.000.1110 ETHERNET Q COMMANDS SERVICE INSUFFICIENT GRANULARITY OF ACCESS CONTROL
Description Haas Controller version 100.20.000.1110 has insufficient granularity of access control when using the “Ethernet Q Commands” service. Any user
Why Is Container Security Important? What Are The Top 10 Docker Projects According To OWASP?
Why is Container Security Important? A thorough security evaluation must include container security as a crucial component. Using a combination
CVE-2022-39365 : PIMCORE UP TO 10.5.8 TWIG TEMPLATE CODE INJECTION
Description Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates
CVE-2022-25720 : QUALCOMM SNAPDRAGON AUTO WLAN MEMORY CORRUPTION
Description Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon
What Is PCI DSS? What Are The Requirements Of PCI DSS Compliance?
What is PCI DSS? The Payment Card industry data security (PCI DSS), was unfolded to encourage and enhance card holder
CVE-2022-3569 : SYNACOR ZIMBRA COLLABORATION SUITE UP TO 9.0.0 POSTFIX PRIVILEGE DROPPING / LOWERING ERRORS
Description Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue
What Is SSL, TLS And HTTPS?
What is SSL? SSL stands for Secure Sockets Layer. It is a standard technology for establishing an encrypted link between
What Is Directory Traversal?
What is Directory Traversal? Directory traversal is also known as file path traversal. It is a web security flaw that
What Is Credential Stuffing? How To Prevent Using WAF?
What Is Credential Stuffing? A cyberattack known as “credential stuffing” occurs when a cybercriminal gains access to user accounts at
What Is REST API? How To Provide Security To REST API?
What is REST API? REST is the acronym of Representational State Transfer (REST). It is an architectural style or pattern
What Is Remote File Inclusion (RFI)? How Does Remote File Inclusion Work?
What is Remote File Inclusion (RFI)? RFI is also known as Remote file inclusion. In this the attackers or Penetration
What Is Session Hijacking? How To Prevent Session Hijacking?
What is Session Hijacking? Session Hijacking is the type of attack in which the attacker takes over or hijacks a
DNS Security Extensions (DNSSEC) – Why Did The Need Arise For Its Implementation?
What is DNS and how does it work? DNS is the abbreviation for Domain Name System. The task of the
What is General Data Protection Regulation (GDPR)?
GDPR (General data protection regulation) is regulation to provide uniform data protection by eliminating the inconsistencies in national laws of