CVE-2022-3980 : SOPHOS MOBILE MANAGED ON-PREMISES UP TO 9.7.4 XML SERVER-SIDE REQUEST FORGERY
Description An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed
CVE-2022-39344 : AZURE RTOS USBX UP TO 6.1.11 USB DFU UPLOAD UX_DEVICE_CLASS_DFU_CONTROL_REQUEST BUFFER OVERFLOW
Description Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure
CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY
Description Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. References https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 For More Information MITRE
CVE-2022-2355 : EASY USERNAME UPDATER PLUGIN UP TO 1.0.4 ON WORDPRESS CROSS-SITE REQUEST FORGERY
Description The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make
HTTP Protocol Violation
Home HTTP Protocol Violation PROPHAZE APPSEC PLATFORM What is Prophaze WAF? How Prophaze WAF Works? System Requirements Performance SSL Termination
HTTP Response Splitting
Home HTTP Response Splitting PROPHAZE APPSEC PLATFORM What is Prophaze WAF? How Prophaze WAF Works? System Requirements Performance SSL Termination
CVE-2022-32532 : APACHE SHIRO UP TO 1.9.0 REGEXREQUESTMATCHER AUTHORIZATION
Description Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher
Apache HTTP Server 2.4 vulnerabilities
Overview : In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might
Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
Overview : Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
Common Vulnerabilities and Exposures Container Security cyber security news Web Application Firewall
Zimbra zm-mailbox before 8.8.15.p8 allows authenticated users to request any GAL account
Overview : cs/service/account/AutoCompleteGal.java in Zimbra zm-mailbox before 8.8.15.p8 allows authenticated users to request any GAL account. This differs from the
Disclosure of Private Merge Requests and Issues via Elasticsearch integration
Overview : An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE)
Cross-site request forgery (CSRF) vulnerability in the Storefront Application in DS Data Systems KonaKart before 7.3.0.0
Overview : Cross-site request forgery (CSRF) vulnerability in the Storefront Application in DS Data Systems KonaKart before 7.3.0.0 allows remote
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks
Overview : Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn’t limit
Pecl http extension Memory Corruption Vulnerability
Pecl http extension Memory Corruption Vulnerability CVE: CVE-2016-7398 Version: pecl-http extension up to 2.6.0beta2/3.1.0beta2 Severity: Medium Explanation: The function merge_param()
What Is CDN Log Analysis?
Home What Is CDN Log Analysis? 5.6k Views 6 min. read Learning Center Related Content What Is a Private CDN?
How Does WAF Block XSS Attacks?
Home How Does WAF Block XSS Attacks? 9.2k Views 10 min. read Learning Center Related Content How Does WAF Protect
What Is an Internet Bot?
Home What Is an Internet Bot? 1.2k Views 6 min. read Learning Center Related Content What Are Examples of Useful
What Is Layer 3, 4, and 7 DDoS?
Home What Is Layer 3, 4, and 7 DDoS? 1.2k Views 7 min. read Learning Center Related Content What Is
What Is an API Endpoint?
Home What Is an API Endpoint? 21.1k Views 8 min. read Learning Center Related Content What Are the Types of
What Is WAF Machine Learning?
Home What Is WAF Machine Learning? 32.6k Views 5 min. read Learning Center Related Content What Is Zero-Day Protection in
Can a CDN Slow Down a Website?
Home Can a CDN Slow Down a Website? 8.2k Views 7 min. read Learning Center Related Content What Is CDN
What Is CDN Cache Poisoning?
Home What Is CDN Cache Poisoning? 1.9k Views 7 min. read Learning Center Related Content Does a CDN Cause Security
How Does a WAF Protect Against Bots?
Home How Does a WAF Protect Against Bots? 18.5k Views 7 min. read Learning Center Related Content What Is Bot
How Do Bots Work?
Home How Do Bots Work? 1.2k Views 6 min. read Learning Center Related Content What Is a Bot? What Are