CVE-2024-32976 : ENVOY UP TO 1.27.5/1.28.3/1.29.4/11.30.1 DECOMPRESSION INFINITE LOOP
Description Envoy is a cloud-native, open source edge and service proxy. Envoyproxy with a Brotli filter can get into an endless loop during decompression of…
CVE-2024-29972 : ZYXEL NAS326/NAS542 PRIOR 5.21 HTTP POST REQUEST REMOTE_HELP-CGI OS COMMAND INJECTION
Description ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware…
CVE-2024-5590 : NETENTSEC NS-ASG APPLICATION SECURITY GATEWAY 6.3 JSON CONTENT UPLOADISCUSER.PHP MESSAGECONTENT SQL INJECTION
Description A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. This vulnerability affects unknown code of the…
CVE-2024-5311 : DIGIWIN EASYFLOW .NET UP TO 5.X/6.1X/6.6.15 INPUT SQL INJECTION
Description DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database…
Why Should Insider Threats Be A Top Concern For Your Business?
Insider threats refer to security risks caused by people inside an organization who are authorized to access confidential systems, data, or resources. These insiders can…
CVE-2024-34171 : FUJI ELECTRIC MONITOUCH V-SFT STACK-BASED OVERFLOW
Description Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. References https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 For More…