Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)
Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists,...
Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-99680)
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A buffer overflow vulnerability exists, whi...
Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-101138)
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A buffer overflow vulnerability exists that...
The vulnerability of the Session Initiation Protocol (SIP) implementation and the Network Address Translation (NAT) function of the Application Layer Gateway (ALG) in microprogrammable network interface devices from Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to circumvent security restrictions and establish unauthorized connections.
The vulnerability of the Session Initiation Protocol SIP implementation and the Network Address Translation NAT function of the Application Layer Gateway ALG in microprogrammable network devices such as Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to...
The vulnerability of the File Transfer Protocol (FTP) implementation and the NAT functions of the Application Layer Gateway (ALG) in microprogrammable network devices such as Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to circumvent security restrictions and establish unauthorized connections.
The vulnerability of the File Transfer Protocol FTP implementation and the Network Address Translation NAT function of the Application Layer Gateway ALG in microprogrammable network devices such as Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to...
CVE-2021-34790
Multiple vulnerabilities in the Application Level Gateway ALG for the Network Address Translation NAT feature of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized...
PT-2021-4718 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to the incorrect implementation of security checks fo...
Huawei EulerOS: Security Advisory for nginx (EulerOS-SA-2021-2599)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : nginx (EulerOS-SA-2021-2599)
According to the versions of the nginx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that cause...
Layer 7 DDoS Attacks: ❗️ Methods and Ways of Mitigation
The web has been the greatest type of development in the 21st century. It has uncovered the whole world to more current prospects and more effective methods of living. Today, we have various sites, online stores, online papers, etc. Essentially everything is online nowadays. Be that as it may, th...
EulerOS 2.0 SP5 : nginx (EulerOS-SA-2021-2513)
According to the versions of the nginx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible...
Fortinet FortiWeb Buffer Overflow Vulnerability
Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...
Citrix Applayering Packaging VM boot error 0xC000000F
Application layer packaging VM boot fails with the boot error 0xC000000F. The above given error appears on the packaging VM while you create a new application layer/edit an application layer with an OS layer version where the language packs are newly installed, but this boot failure doesn't appear...
Code injection
Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user...
CVE-2021-37625 Incorrect Check of Function Return Value in Skytable
Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user...
Holiday Readiness: What You Should Be Thinking About Four Months Out
Written by: Michael Hansen This is a blog series about Akamai solutions that can help you manage the surge of traffic both good and bad that will be hitting the retail industry during the holiday season. The beginning of August is upon us, and if you haven't already started thinking about the...
What is DDoS attack❓ — Types and how to react to them
Distributed Denial of service attacks are assaults outfitted at making a PC, a cyber-service inaccessible by congesting it with traffic from various sources. The point is ordinarily to make the computers in question stop administration by...
Arbitrary File Download Vulnerability in NSYS Netnifty Second Generation Firewall of Shenzhen Netnifty Technology Co.
NSYS ACF, the second-generation firewall, is a new network security appliance designed for the application layer, capable of accurately identifying users, applications and content, with complete security protection capabilities, and able to comprehensively replace traditional firewalls with stron...
F5 Nginx Trust Management Issue Vulnerability
F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. F5 Nginx is vulnerable to a trust management issue that stems from the presence of an ALPACA Application Layer Protocol Content Obfuscation attack, whic...
Application Layer is Still the Front Door for Data Breaches
By Terry Ray, SVP and Fellow, Imperva Each year, the number of data breaches grows by 30% while the number of records compromised increases by an average of 224%. 2021 is far from over, but we’re already on pace for another record-setting year. In fact, Imperva research finds that more records we...