966 matches found
exploit-notes
🎯 Pentest Playbook Index Welcome to the comprehensive penetra...
Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead
APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem. This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit...
BurpSuitePro
Burp Suite Bambda Scripts - Vulnerability Testing Toolkit v2.0...
Enhancements to Akamai API Security, Q4 2025
The Q4 2025 Akamai API Security updates help organizations shift security left, improve coverage, and reduce friction...
7 Reasons to Get Certified in API Security
API security is becoming more important by the day and skilled practitioners are in high demand. Now’s the time to level up your API security skillset. Wallarm University, our free training course, provides security analysts, engineers, and practitioners with hands-on skills you can’t get from...
CVE-2020-12477
The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function...
CVE-2023-45820
Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server receives an invalid frame. A malicious user could leverage this bug to crash Directus. This issue has...
CVE-2023-29507
XWiki Commons are technical libraries common to several other top level XWiki projects. The Document script API returns directly a DocumentAuthors allowing to set any authors to the document, which in consequence can allow subsequent executions of scripts since this author is used for checking...
CVE-2019-7950
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...
CVE-2019-16919
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not enforce the proper...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the snappy:Decoder function. An attacker can cause excessive memory consumption and potential out-of-memory errors by sending malformed blocks that bypass request size limits. This...
Imperva Named a Leader in KuppingerCole’s Leadership Compass 2025 for Web Application and API Protection
In the latest 2025 KuppingerCole Leadership Compass for Web Application and API Protection WAAP, Imperva has once again secured a Leadership position; a testament to our unwavering commitment to protecting the modern digital experience. Why This Report Matters The WAAP market represents the...
APIs Are the Retail Engine: How to Secure Them This Black Friday
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear up for huge surges in online traffic, ask yourself: have you protected the APIs on...
Enhancements to Akamai API Security, Q3 2025
The recent Akamai API Security updates improve visibility, automation, coverage, and compliance across the API lifecycle...
Key API Security Takeaways from the Postman 2025 State of API Report
API security has never been more important because modern APIs are operational necessities. Unfortunately, many organizations are failing to adapt their security models to a rapidly changing API threat landscape. Like it or not, we live in an AI-first world, and API security must reflect that...
EUVD-2014-0212
Malware in sbrugna...
EUVD-2020-2730
Malware in sbrugna...
EUVD-2020-7338
Malware in sbrugna...
EUVD-2019-5600
Malware in sbrugna...
EUVD-2021-26261
Malware in sbrugna...