282 matches found

CNVD
added 2021/12/13 12:0 a.m. · 20 views

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)

Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists,...

CVSS 6.1 · AI score 0.6 · EPSS 0.00652
Exploits: 0 · References: 1

CNVD
added 2021/12/13 12:0 a.m. · 23 views

Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-99680)

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A buffer overflow vulnerability exists, whi...

CVSS 8.8 · AI score 3.4 · EPSS 0.01397
Exploits: 0 · References: 1

CNVD
added 2021/12/09 12:0 a.m. · 24 views

Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-101138)

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A buffer overflow vulnerability exists that...

CVSS 8.8 · AI score 1.4 · EPSS 0.01894
Exploits: 0 · References: 1

BDU FSTEC
added 2021/11/25 12:0 a.m. · 4 views

The vulnerability of the Session Initiation Protocol (SIP) implementation and the Network Address Translation (NAT) function of the Application Layer Gateway (ALG) in microprogrammable network interface devices from Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to circumvent security restrictions and establish unauthorized connections.

The vulnerability of the Session Initiation Protocol (SIP) implementation and the Network Address Translation (NAT) function of the Application Layer Gateway (ALG) in microprogrammable network devices such as Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) is related to...

CVSS 5 · AI score 5.9 · EPSS 0.011
Exploits: 0 · References: 3 · Affected Software: 2

BDU FSTEC
added 2021/11/12 12:0 a.m. · 7 views

The vulnerability of the File Transfer Protocol (FTP) implementation and the NAT functions of the Application Layer Gateway (ALG) in microprogrammable network devices such as Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to circumvent security restrictions and establish unauthorized connections.

The vulnerability of the File Transfer Protocol (FTP) implementation and the Network Address Translation (NAT) function of the Application Layer Gateway (ALG) in microprogrammable network devices such as Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) is related to...

CVSS 5 · AI score 5.9 · EPSS 0.011
Exploits: 0 · References: 3 · Affected Software: 2

OSV
added 2021/10/27 7:15 p.m. · 5 views

CVE-2021-34790

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized...

CVSS 5.3 · AI score 5.8 · EPSS 0.011
Exploits: 0 · References: 1

Positive Technologies
added 2021/10/27 12:0 a.m. · 7 views

PT-2021-4718 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: The issue is related to the incorrect implementation of security checks fo...

CVSS 5.3 · AI score 5.6 · EPSS 0.011
Exploits: 0 · References: 9

OpenVAS
added 2021/10/26 12:0 a.m. · 35 views

Huawei EulerOS: Security Advisory for nginx (EulerOS-SA-2021-2599)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 · AI score 6.8 · EPSS 0.52838
Exploits: 11 · References: 2

Tenable Nessus
added 2021/10/25 12:0 a.m. · 41 views

EulerOS 2.0 SP3 : nginx (EulerOS-SA-2021-2599)

According to the versions of the nginx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that cause...

CVSS 9.8 · AI score 8.1 · EPSS 0.52838
Exploits: 11 · References: 4

Ivan 'd0znpp' Novikov
added 2021/10/22 3:7 p.m. · 36 views

Layer 7 DDoS Attacks: ❗️ Methods and Ways of Mitigation

The web has been the greatest type of development in the 21st century. It has uncovered the whole world to more current prospects and more effective methods of living. Today, we have various sites, online stores, online papers, etc. Essentially everything is online nowadays. Be that as it may, th...

Exploits: 0

Tenable Nessus
added 2021/09/27 12:0 a.m. · 38 views

EulerOS 2.0 SP5 : nginx (EulerOS-SA-2021-2513)

According to the versions of the nginx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible...

CVSS 7.4 · AI score 7.5 · EPSS 0.02037
Exploits: 0 · References: 2

CNVD
added 2021/09/09 12:0 a.m. · 21 views

Fortinet FortiWeb Buffer Overflow Vulnerability

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

CVSS 8.8 · AI score 9.1 · EPSS 0.01919
Exploits: 0 · References: 1

Citrix
added 2021/08/30 12:0 a.m. · 9 views

Citrix Applayering Packaging VM boot error 0xC000000F

Application layer packaging VM boot fails with the boot error 0xC000000F. The above error appears on the packaging VM while you create a new application layer or edit an application layer with an OS layer version where the language packs are newly installed, but this boot failure doesn't appear...

AI score 7.2
Exploits: 0

Prion
added 2021/08/05 6:15 p.m. · 12 views

Code injection

Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user...

CVSS 5 · AI score 7.3 · EPSS 0.0094
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2021/08/05 5:15 p.m. · 17 views

CVE-2021-37625 Incorrect Check of Function Return Value in Skytable

Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user...

CVSS 7.5 · AI score 7.6 · EPSS 0.0094
Exploits: 0 · References: 3

Akamai Blog
added 2021/07/29 2:0 p.m. · 202 views

Holiday Readiness: What You Should Be Thinking About Four Months Out

Written by: Michael Hansen. This is a blog series about Akamai solutions that can help you manage the surge of traffic both good and bad that will be hitting the retail industry during the holiday season. The beginning of August is upon us, and if you haven't already started thinking about the...

Exploits: 0

Ivan 'd0znpp' Novikov
added 2021/07/15 5:10 a.m. · 252 views

What is DDoS attack❓ — Types and how to react to them

Distributed Denial of service attacks are assaults outfitted at making a PC, a cyber-service inaccessible by congesting it with traffic from various sources. The point is ordinarily to make the computers in question stop administration by...

AI score 0.1
Exploits: 0

CNVD
added 2021/07/06 12:0 a.m. · 9 views

Arbitrary File Download Vulnerability in NSYS Netnifty Second Generation Firewall of Shenzhen Netnifty Technology Co.

NSYS ACF, the second-generation firewall, is a new network security appliance designed for the application layer, capable of accurately identifying users, applications and content, with complete security protection capabilities, and able to comprehensively replace traditional firewalls with stron...

AI score 7.2
Exploits: 0

CNNVD
added 2021/07/05 12:0 a.m. · 4 views

F5 Nginx Trust Management Issue Vulnerability

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. F5 Nginx is vulnerable to a trust management issue that stems from the presence of an ALPACA Application Layer Protocol Content Obfuscation attack, whic...

CVSS 7.4 · AI score 7.4 · EPSS 0.02037
Exploits: 0 · References: 22

ThreatPost
added 2021/06/08 1:0 p.m. · 34 views

Application Layer is Still the Front Door for Data Breaches

By Terry Ray, SVP and Fellow, Imperva. Each year, the number of data breaches grows by 30% while the number of records compromised increases by an average of 224%. 2021 is far from over, but we’re already on pace for another record-setting year. In fact, Imperva research finds that more records we...

AI score 8.6
Exploits: 0 · References: 2