Lucene search
K

72 matches found

cnnvd
cnnvd
added 2023/08/25 12:0 a.m.6 views

OWASP Coraza WAF 资源管理错误漏洞

OWASP Coraza WAF is a golang modsecurity-compatible web application firewall library in the Coraza open source. A resource management error vulnerability exists in OWASP Coraza WAF version 3.0.0, which stems from misuse of log.Fatalf and causes applications using coraza to crash after receiving a...

7.5CVSS7.2AI score0.00605EPSS
Exploits0References3
susecve
susecve
added 2023/07/14 2:4 a.m.4 views

SUSE CVE-2023-38199

coreruleset aka OWASP ModSecurity Core Rule Set through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the...

9.8CVSS6.9AI score0.00631EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2023/03/15 12:0 a.m.7 views

The vulnerability of FortiWeb web applications’ network firewalls stems from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of FortiWeb web applications’ network firewalls is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted...

9CVSS8AI score0.01691EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2022/11/02 12:0 a.m.4 views

Fortinet FortiADC 安全漏洞

Fortinet FortiADC is an application delivery controller from Fortinet, Inc. A security vulnerability exists in Fortinet FortiADC versions 5.0, 6.0.0, 6.1.0, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. An attacker could exploit the vulnerability to perform SQL injection and cross-site scripting...

9.8CVSS8.3AI score0.00679EPSS
Exploits0References2
osv
osv
added 2021/09/24 4:15 p.m.4 views

CVE-2021-28130

Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary e.g., frwlsvc.exe bypasses firewall filters...

7.8CVSS7.1AI score0.00359EPSS
Exploits1References2
cnnvd
cnnvd
added 2021/09/24 12:0 a.m.7 views

Dr.Web Firewall 代码问题漏洞

Dr.Web Firewall is a network firewall from the Russian company Dr.Web. A code issue vulnerability exists in Dr.Web Firewall that originates from Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A custom loaded DLL in a legitimate binary e.g. frwlsvc.exe...

7.8CVSS7.5AI score0.00359EPSS
Exploits1References3
cnnvd
cnnvd
added 2021/08/12 12:0 a.m.6 views

MONITORAPP Application Insight Web Application Firewall 输入验证错误漏洞

MONITORAPP Application Insight Web Application Firewall AIWAF is an application firewall from MONITORAPP Corporation in South Korea. The MONITORAPP Application Insight Web Application Firewall suffers from an input validation error vulnerability that stems from a lack of input validation for one ...

9.3CVSS7.7AI score0.02466EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/07/01 12:0 a.m.6 views

OWASP ModSecurity Core Rule Set 安全漏洞

The OWASP ModSecurity Core Rule Set CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. A security vulnerability exists in the OWASP ModSecurity Core Rule Set that stems from inadequate implementation of security measures in the default...

9.8CVSS7.4AI score0.02542EPSS
Exploits1References11
osv
osv
added 2020/12/24 4:15 p.m.3 views

CVE-2020-27728

On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, Analytics, Visibility, and Reporting daemon AVRD may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices...

7.5CVSS7.1AI score0.01002EPSS
Exploits0References1
cnvd
cnvd
added 2019/11/28 12:0 a.m.4 views

Authentication Error Vulnerability in Multiple F5 Products

F5 BIG-IP ASM and others are products of F5 Corporation, U.S.A. F5 BIG-IP ASM is a Web Application Firewall WAF, and F5 Enterprise Manager is a tool that provides a view of the entire BIG-IP Application Delivery Infrastructure and optimizes application performance.F5 BIG-IQ is a set of...

9.4CVSS7AI score0.0113EPSS
Exploits0References1
kitploit
kitploit
added 2019/05/14 12:43 p.m.227 views

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...

7.2AI score
Exploits0References3
packetstorm
packetstorm
added 2018/01/05 12:0 a.m.47 views

SonicWall SonicOS NSA Filter Bypass

Document Title: =============== SonicWall SonicOS NSA - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1729 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2016/02/25 12:0 a.m.46 views

GTA Firewall GB-OS 6.2.02 Script Insertion

Document Title: =============== GTA Firewall GB-OS v6.2.02 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1713 Release Date: ============= 2016-02-24 Vulnerability Laboratory ID VL-ID:...

0.2AI score
Exploits0
vulnerlab
vulnerlab
added 2016/02/24 12:0 a.m.57 views

GTA WAF GB-OS v6.2.02 - Bypass & Persistent Vulnerability

Document Title: =============== GTA WAF GB-OS v6.2.02 - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1713 Release Date: ============= 2016-02-24 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/07/28 12:0 a.m.153 views

Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability

Document Title: =============== Barracuda Networks 35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracuda Networks Security ID BNSEC: BNSEC-2361...

7.7AI score
Exploits0
vulnerlab
vulnerlab
added 2014/07/23 12:0 a.m.46 views

Barracuda Firewall 6.1.5 - Bypass&Persistent Vulnerabilities

Document Title: =============== Barracuda Firewall 6.1.5 - Bypass&Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1065 Barracuda Networks Security ID BNSEC: BNSEC-2067...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2014/07/23 12:0 a.m.28 views

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent

Document Title: =============== Barracuda Networks 35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracuda Networks Security ID BNSEC: BNSEC-2361...

7.4AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.34 views

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Vulnerability

No description provided by source. Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijackor can implement script routines &...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.31 views

Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities

No description provided by source. Document Title: =============== Barracuda Bug Bounty 30 Firewall - Multiple Persistent Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1065 Barracuda Networks Security ID BNSEC: BNSEC-2067 Video:...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2014/02/26 12:0 a.m.30 views

Barracuda Web Firewall 6.1.0.016 Cross Site Scripting

Document Title: =============== Barracuda Networks Bug Bounty 31 Firewall - Persistent Access Policy Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1070 Barracuda Networks Security ID BNSEC: BNSEC-2068 Release Date: ============= 2014-02-2...

0.1AI score
Exploits0
Rows per page
Query Builder