VMware Workspace ONE UEM Console REST API session denial of service
A vulnerability classified as problematic was found in VMware Workspace ONE UEM Console (affected version unknown). Affected by this vulnerability
Parse Server up to 4.5.0 REST API improper authentication
A vulnerability, which was classified as critical, was found in Parse Server up to 4.5.0. Affected is an unknown functionality
REST API batch-queries code injection
A vulnerability classified as critical was found in up to 3.8.20/3.10.7. This vulnerability affects an unknown functionality of the file
Planview Spigit 4.5.3 REST API api/v1/users/1 information disclosure
A vulnerability, which was classified as problematic, was found in Planview Spigit 4.5.3. Affected is an unknown code of the
Cisco Evolved Programmable Network Manager REST API information disclosure
A vulnerability was found in Cisco Evolved Programmable Network Manager (affected version unknown). It has been declared as problematic. Affected
Cisco Firepower Device Manager REST API code injection [CVE-2021-1518]
A vulnerability, which was classified as critical, was found in Cisco Firepower Device Manager (Firewall Software) (the affected version unknown).
Filebird Plugin 4.7.3 on REST API Endpoint API endpoint get_col sql injection
A vulnerability has been found in Filebird Plugin 4.7.3 on REST API Endpoint and classified as critical. Affected by this
Palo Alto Cortex XSOAR up to 6.1.0/6.2.0 REST API improper authorization
A vulnerability has been found in Palo Alto Cortex XSOAR up to 6.1.0/6.2.0 and classified as critical. Affected by this
Octopus Server Events REST API sql injection [CVE-2021-31818]
A vulnerability, which was classified as critical, was found in Octopus Server (the affected version unknown). This affects an unknown
Vulnerability Assessment and Penetration Testing (VAPT)
Why would your Business need VAPT? It is very necessary to conduct a network security audit periodically to ensure the
cPanel before 82.0.18 Account bypass vulnerability
Overview : cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). Affected
API Security Web Application Firewall
How can you secure your Exposed services without installing the patch by the vendor? Have a look at the use
The vulnerability is addressed in the 2018.1, 2018.2 versions of CloudVision Portal
Overview : In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71
[vc_row][vc_column][vc_column_text] Overview : Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1
Cisco Data Center Network Manager Vulnerabilities
Summary Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker
Prophaze’s Top 10 Cloud Security Mitigation Strategies
Navigating Cloud Security Challenges In today’s digital landscape, the migration to cloud environments has become a cornerstone of modern business
What is ARMS / ARD?
In today’s interconnected world, managing a large number of remote devices efficiently and securely is a significant challenge for organizations.
What Lies Beyond Critical RunC Vulnerabilities in Docker | Prophaze
A new vulnerability was found in runC command line tool, also known as Leaky Vessels, impacting the runtime engine for
What Are Negotiation Floods?
Negotiation Floods are a type of DDoS attack that exploits network protocols’ negotiation processes to overwhelm network resources. The attacker
What Is DNS Water Torture?
DNS Water Torture is a type of DDoS attack that targets the Domain Name System (DNS), a critical component of
What Is Jenkins? What Are The Best Practices For Jenkins Security?
Jenkins is an open-source automation server that has emerged as a popular tool for streamlining software development workflows. In this
What Are CLDAP Attacks? What Are The Risks And Impacts Of Such Attacks?
Connectionless Lightweight Directory Access Protocol (CLDAP) is a network protocol used for querying and modifying directory information services, such as
CVE-2023-40683 : IBM OPENPAGES WITH WATSON 8.3/9.0 IMPROPER AUTHORIZATION
Description IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization
What Are GRE-IP UDP Floods?
Generic Routing Encapsulation (GRE) is a tunneling protocol that encapsulates various network protocols within Internet Protocol (IP) packets. User Datagram