Compliance
Compliance Ensuring Regulatory Compliances and Best Practices E-commerce, FinTech, Health Tech, and organizations that process PII and PHI data find
WAF API Gateway
Prophaze API Gateway This gateway helps businesses create, manage, and secure APIs with ease. Acting as a protective barrier, it
Automated Security Policy Does The Heavy Lifting
Automated Security Policy Does The Heavy Lifting Your Organization’s Security Posture with Prophaze Automated Security Policy Prophaze Automated Security Policy
Layer 7 DDoS Protection
Layer 3 – 7 DDoS Protection Advanced Defense of Strengthening Your Security Prophaze protects your API endpoints deployed in the
Protection From All Threats
Protection From All Threats Security for Your Data Privacy Prophaze AI firewall blocks malicious requests, execution of fileless attacks, new
Service Level Agreement
Prophaze Service Level Agreement This Service Level Agreement (“SLA”) is a policy governing the performance of Prophaze Technologies Private Limited.
Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker could modify a registry key
Overview : In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker could modify a registry key,
MongoDB Enterprise Kubernetes Operator 1.2.5
Overview : X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes
Vulnerabilities Discovered in CIPAce Enterprise Platform
Overview : A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP
Data Center Security Privilege Escalation
Overview : Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege
unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by
Apache HTTP Server 2.4 vulnerabilities
Overview : In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might
Kubelet component in versions 1.15.0-1.15.9
Overview : The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial
NGINX Controller versions prior to 3.2.0,
Overview : In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can
TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms,
Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the convenience
SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA)
Overview : An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02,
LogicalDoc before 8.3.3 allows SQL Injection
Overview : LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This
cPanel before 84.0.20 allows a demo account to achieve remote code execution
Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Umbraco CMS 8.5.3 allows an authenticated file upload
Overview : Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality.
cPanel before 82.0.18 Account bypass vulnerability
Overview : cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). Affected
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 SQL Injection Vulnerability
Overview : SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID