Test Blog - Cloud WAF

CVE-2024-21513 : LANGCHAIN-EXPERIMENTAL UP TO 0.0.20 DATABASE EVAL CODE INJECTION

Description Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code…

Common Vulnerabilities and Exposures

CVE-2024-6737 : 2100 TECHNOLOGY ELECTRONIC OFFICIAL DOCUMENT MANAGEMENT SYSTEM UP TO 5.0.76 SETTING ACCESS CONTROL

Description The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote attackers with regular privileges to…

Common Vulnerabilities and Exposures

CVE-2024-6345 : PYPA SETUPTOOLS UP TO 69.1.1 PACKAGE_INDEX CODE INJECTION

Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which…

Common Vulnerabilities and Exposures

CVE-2024-39736 : IBM DATACAP NAVIGATOR 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 HTTP HEADER HOST HTTP HEADERS FOR SCRIPTING SYNTAX

Description IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST…

Common Vulnerabilities and Exposures

CVE-2023-52885 : LINUX KERNEL UP TO 6.4.3 SUNRPC SVC_TCP_LISTEN_DATA_READY USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking…

Learning Web Application Firewall

What Is Bots as a Service (BaaS) and How Does It Impact?

Automation is key to business efficiency and security in today’s rapidly evolving digital environment. An exciting development in this area is Bots as a Service…