EUVD-2023-31910

Malicious code in bioql PyPI...

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

Design/Logic Flaw

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

CVE-2023-28202

CVE-2023-28202 relates to Apple systems where a firewall setting may fail to take effect after exiting Settings due to a state-management flaw. Affected products include iOS/iPadOS 16.x, watchOS 9.x, tvOS 16.x, and macOS Ventura 13.x. The issue is described as a state-management fix and is noted ...

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app...

[APPFW]"File too large" raises when upgrading appfw default signature "*Default Signatures"

Error "File too large" raises when to upgrade default signatures to version 89V89 On GUI Log sample could be seen in ns.log Jul 25 09:09:18 12 httpd: 49801 Netscalerip 127.0.0.1 - User nsroot - Remoteip 127.0.0.1 - Method POST - Command "params": "warning": "YES" "systemfile": "filename":...

How to Protect Your Applications Against Log4Shell With tCell

By now, we’re sure you’re familiar with all things Log4Shell – but we want to make sure we share how to protect your applications. Applications are a critical part of any organization’s attack surface, and we’re seeing thousands of Log4Shell attack attempts in our customers' environments every...

What’s New in InsightAppSec and tCell: Q3 2020 in Review

Here at Rapid7, we’ve been quite busy continuously improving, expanding functionality, and testing new features for feedback with our customers across our application security portfolio. This includes InsightAppSec, our leading DAST solution, tCell by Rapid7, our next-gen cloud WAF and RASP...

Web App Firewall blocks and logs duplicate cookies

12.1 build 50.31 Web App Firewall blocks all requests if duplicate cookies are found. This is also done, when Cookie Consistency is configured only to log the communication. If Cookie Consistency is turned off completely the communication is permitted...

AppfW blocking and not logging, with PostBodyLimit set to >1GB

When we apply an appfirewall profile only in log and learning mode. After applying some pages become unavailable but there is no logs. Appfw blocking but no logs, when we enableapplication/x-www-form-urlencoded option in the appfw security...

WAScan v0.2.1 - Web Application Scanner

WAScan Web Application Scanner is a Open Source web application security scanner. It is designed to find various vulnerabilities using "black-box" method, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application,...

DenyAll Web Application Firewall Remote Code Execution (CVE-2017-14706)

An authentication bypass and code injection vulnerability has been reported in DenyAll Web Application Firewall. The vulnerability is due to an information disclosure and the way that DenyAll Web Application Firewall validates session IDs while authenticating users. Remote attackers can execute a...

Barracuda Web App Firewall/Load Balancer Remote Command Execution Vulnerability

Barracuda is the generic name for a family of hard disk drives from Seagate Technology. A remote command execution vulnerability exists in the Barracuda Web App Firewall Firmware,Load Balancer Firmware. An attack could exploit this vulnerability by sending a specially crafted request that is...

Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit) (3)

Exploit Title: Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit 3 Date: 07/28/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/products/loadbalance &...

Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Me

Exploit for linux platform in category remote exploits Exploit Title: Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit 3 Date: 07/28/16 Exploit Author: xort email protected Vendor Homepage: https://www.barracuda.com/ Software Link:...

Barracuda Web App Firewall 8.0.1.008Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit) (3)

Barracuda Web App Firewall 8.0.1.008Load Balancer 5.4.0.004 - Authenticated Remote Command Execution Metasploit 3 Exploit Title: Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit 3 Date: 07/28/16 Exploit Author: xort [email protected] Vendor Homepage:...

Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (3)

Exploit Title: Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit 3 Date: 07/28/16 Exploit Author: xort [email protected] Vendor Homepage: https://www.barracuda.com/ Software Link: https://www.barracuda.com/products/loadbalance &...