CVE-2023-26489 : WASMTIME 4.0.0/5.0.0/6.0.0 ON 64-BIT OUT-OF-BOUNDS WRITE
Description wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime’s code generator, Cranelift, has a bug
CVE-2023-27290 : IBM OBSERVABILITY WITH INSTANA MISSING AUTHENTICATION
Description Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do
Securing 3rd party API Integrations
Prophaze offers a wide range of cybersecurity solutions, including securing third-party API integrations. Helps to identify and mitigate potential security
CVE-2022-47986 : IBM ASPERA FASPEX 4.4.1 YAML DESERIALIZATION
Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on
CVE-2022-45699 : APSYSTEMS ECU-R 5203 ADMINISTRATION INTERFACE TIMEZONE COMMAND INJECTION
Description Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary
CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE
Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when
CVE-2023-22741 : SOFIA-SIP UP TO 1.12.4 LENGTH STUN_PARSE_ATTRIBUTE BUFFER OVERFLOW
Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both
On Premises WAF
On-Premises WAF Prophaze WAF Supports On-Premises Prophaze WAF support on-premises deployment to ensure compliance with security in industries such as
CVE-2021-32824 : APACHE DUBBO UP TO 2.6.9/2.7.9 TELNET DESERIALIZATION
Description Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to
CVE-2022-47952 : LXC UP TO 5.0.1 LXC-USER-NIC PRIVILEGE ESCALATION
Description lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file
CVE-2022-23555 : AUTHENTIK PRIOR 2022.10.4/2022.11.4/2022.12.0 IMPROPER AUTHENTICATION
Description authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable
CVE-2022-39165 : IBM AIX/VIOS CAA DENIAL OF SERVICE
Description IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA
CVE-2022-23477 : NEUTRINOLABS XRDP UP TO 0.9.20 AUDIN_SEND_OPEN BUFFER OVERFLOW
Description xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol
Security For Examination Portals
Security For Examination Portals The education sector has also been impacted greatly by the digitalisation post-Covid pandemic. Services have been
Prophaze WAF 3.0
Prophaze WAF 3.0 Prophaze WAF is the advanced, AI-powered solution you need to protect your web applications, APIs, microservices, and
Leading Power Industry strengthens API Security with Prophaze
Leading Power Industry strengthens API Security with Prophaze The reason behind choosing Prophaze is to reduce internal complexity, enhance API
Prophaze secures the healthcare industry
Prophaze Helps the Healthcare Industry from ransomware attacks Such a company facing this kind of attacks deployed Prophaze, and it
CVE-2022-41157 : KYUNGRINARA ERP SOLUTION SERP SERVER HARD-CODED CREDENTIALS
Description A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This
CVE-2022-41875 : OPTICA UP TO 0.10.1 JSON OJ.SAFE_LOAD DESERIALIZATION
Description A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON
CVE-2022-2475 : HAAS CONTROLLER 100.20.000.1110 ETHERNET Q COMMANDS SERVICE INSUFFICIENT GRANULARITY OF ACCESS CONTROL
Description Haas Controller version 100.20.000.1110 has insufficient granularity of access control when using the “Ethernet Q Commands” service. Any user
Why Is Container Security Important? What Are The Top 10 Docker Projects According To OWASP?
Why is Container Security Important? A thorough security evaluation must include container security as a crucial component. Using a combination
CVE-2022-39365 : PIMCORE UP TO 10.5.8 TWIG TEMPLATE CODE INJECTION
Description Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates
CVE-2022-25720 : QUALCOMM SNAPDRAGON AUTO WLAN MEMORY CORRUPTION
Description Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon
What Is PCI DSS? What Are The Requirements Of PCI DSS Compliance?
What is PCI DSS? The Payment Card industry data security (PCI DSS), was unfolded to encourage and enhance card holder