Virtual Patching Deep Security
In today’s world of abundant information, keeping private information safe online is a challenge. Vulnerabilities can affect the reputation of
Common Roadblocks to Source Code Fixes
From the technical point of view, the initial mitigation strategy would be for an organization to rectify the discovered vulnerability
Security Advisory for Post-Authentication Stack Overflow on Some Routers and Modem Routers
Overview : Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before
Security Advisory for Post-Authentication Command Injection on Some Routers and Gateways, PSV-2018-0352
Overview : Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400
Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1
Overview : Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update
Security Notice for CA Unified Infrastructure Management
Overview : Multiple issues was discovered in CA Unified Infrastructure Management Affected Product(s) : UIM product versions 9.20 and below
Multiple security vulnerabilities have been found in IBM products
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM products. Affected Product(s) : IBM Financial Transaction Manager
PostgreSQL security flaws
Overview : Multiple flaws was discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
IBM Security vulnerabilities released
Overview : Multiple security vulnerabilities have been updated in IBM products Affected Product(s) : IBM Maximo Asset Management 7.6 IBM
WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
SAP Latest Security Patch released
Overview : Latest vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0367 [CVE-2019-0367] Missing
SugarCRM security issues released
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
IBM Security Guardium vulnerable to a privilege escalation
Overview : IBM Security Guardium has addressed the following vulnerability. Affected Product(s) : IBM Security Guardium 9.0 – 9.5 IBM
IBM Security Directory Server vulnerabilities
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Affected Product(s) : IBM Security
User Credentials hacked in IBM Security Key Lifecycle Manager
Overview : IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can
Security Issues tracked in Lenovo smartwatch
Lenovo smartwatch which was launched in June 2018 attracted the attention of many with its features, design and affordability. Within
WordPress Security
[vc_row][vc_column][vc_column_text]WordPress is the largest used CMS in the world. So as the most attacked Content Management System. Even though WordPress
MongoDB Enterprise Kubernetes Operator 1.2.5
[vc_row][vc_column][vc_column_text] Overview : X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
[vc_row][vc_column][vc_column_text] Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the
CVE-2024-3400 : PALO ALTO NETWORKS PAN-OS GLOBALPROTECT COMMAND INJECTION
Description A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and
CVE-2024-25710 : APACHE COMMONS COMPRESS UP TO 1.25.0 INFINITE LOOP
Description Loop with Unreachable Exit Condition (‘Infinite Loop’) vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from
CVE-2023-50292 : APACHE SOLR UP TO 8.11.2/9.2.X PERMISSION ASSIGNMENT
Description Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects
CVE-2024-23673 : APACHE SLING SERVLETS RESOLVER UP TO 2.10.X SCRIPT PATH TRAVERSAL
Description Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of