Virtual Patching Deep Security
In today’s world of abundant information, keeping private information safe online is a challenge. Vulnerabilities can affect the reputation of
Common Roadblocks to Source Code Fixes
From the technical point of view, the initial mitigation strategy would be for an organization to rectify the discovered vulnerability
Security Advisory for Post-Authentication Stack Overflow on Some Routers and Modem Routers
Overview : Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before
Security Advisory for Post-Authentication Command Injection on Some Routers and Gateways, PSV-2018-0352
Overview : Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400
Security Notice for CA Unified Infrastructure Management
Overview : Multiple issues was discovered in CA Unified Infrastructure Management Affected Product(s) : UIM product versions 9.20 and below
Multiple security vulnerabilities have been found in IBM products
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM products. Affected Product(s) : IBM Financial Transaction Manager
PostgreSQL security flaws
Overview : Multiple flaws was discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
IBM Security vulnerabilities released
Overview : Multiple security vulnerabilities have been updated in IBM products Affected Product(s) : IBM Maximo Asset Management 7.6 IBM
WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
SAP Latest Security Patch released
Overview : Latest vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0367 [CVE-2019-0367] Missing
SugarCRM security issues released
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
IBM Security Guardium vulnerable to a privilege escalation
Overview : IBM Security Guardium has addressed the following vulnerability. Affected Product(s) : IBM Security Guardium 9.0 – 9.5 IBM
IBM Security Directory Server vulnerabilities
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Affected Product(s) : IBM Security
User Credentials hacked in IBM Security Key Lifecycle Manager
Overview : IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can
Security Issues tracked in Lenovo smartwatch
Lenovo smartwatch which was launched in June 2018 attracted the attention of many with its features, design and affordability. Within
MongoDB Enterprise Kubernetes Operator 1.2.5
Overview : X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the convenience
What Is WAF Evasion?
Home What Is WAF Evasion? 8.4k Views 9 min. read Learning Center Related Content How Do Hackers Bypass WAF? What
CVE-2024-49768 : PYLONS WAITRESS UP TO 3.0.0 ON PYTHON HTTP PIPELINING RECV_BYTES TOCTOU
Description Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a
CVE-2024-47821 : PYLOAD UP TO 0.5.0B3.DEV86/ .PYLOAD/SCRIPTS OS COMMAND INJECTION
Description pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain actions
CVE-2024-45518 : SYNACOR ZIMBRA COLLABORATION SUITE HTTP REQUEST SERVER-SIDE REQUEST FORGERY
Description An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and
CVE-2024-28168 : APACHE XML GRAPHICS FOP 2.9 XML EXTERNAL ENTITY REFERENCE
Description Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability in Apache XML Graphics FOP. This issue affects Apache XML