EUVD-2015-6228

Malware in sbrugna...

EUVD-2022-25933

Malicious code in bioql PyPI...

Navigating the API Security Landscape: Your Definitive API Security Buyer’s Guide for 2025

APIs power today’s digital economy—connecting customers, partners, and internal services at breakneck speed. But with that agility comes risk: in 2024 alone, API vulnerabilities cost organizations a staggering$2.5 billion in remediation, fines, and lost revenue. As APIs proliferate, traditional...

Introducing Wiz Service Catalog: Democratize Cloud Security with Application Service Visibility

Empower platform teams and developers to reduce noise, scale ownership, and accelerate remediation across cloud-native apps...

CVE-2025-20183

A vulnerability in a policy-based Cisco Application Visibility and Control AVC implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. The vulnerability i...

CVE-2024-23805

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

Default configuration

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

CVE-2024-23805 F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

CVE-2024-23805

Summary (CVE-2024-23805) : This vulnerability affects F5 BIG-IP products, notably the Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM. It arises when an HTTP Analytics profile with URLs enabled is configured on a virtual server and the database variables avr.IncludeServerI...

CVE-2024-23805 F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability

Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables...

F5 Networks BIG-IP : F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability (K000137334)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137334 advisory. - Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application...

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, when running on the BIG-IP TMOS Shel operating system, allow attackers to expose the protected information.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the associated software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, are related to memory leak-related errors, allowing attackers to trigger service interruptions.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS 17 and iPadOS 17, which stems from the fact that an application m...

The vulnerability of the Cisco Software-Defined Application Visibility and Control (SD-AVC) function in the Cisco Catalyst SD-WAN Manager centralized network management system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Cisco Software-Defined Application Visibility and Control SD-AVC function in the Cisco Catalyst SD-WAN Manager centralized network management system is related to the possibility of using strictly encrypted authentication credentials. Exploiting this vulnerability could...

The vulnerability of the Cisco Software-Defined Application Visibility and Control (SD-AVC) function in the centralized network management system, the Cisco Catalyst SD-WAN Manager, allows a intruder to gain unauthorized access to the system.

The vulnerability of the Cisco Software-Defined Application Visibility and Control SD-AVC function in the centralized network management system, Cisco Catalyst SD-WAN Manager, is related to the lack of authentication for this critical function. Exploiting this vulnerability could allow a maliciou...

Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password (cisco-sa-sdavc-ZA5fpXX2)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GU...

PT-2022-6014 · Cisco · Cisco Sd-Avc +1

Name of the Vulnerable Software and Affected Versions: Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage affected versions not specified Description: A vulnerability in the authentication mechanism of Cisco SD-AVC on Cisco vManage could allow an unauthenticated,...

The vulnerability of the Application Visibility and Control (AVC-FNF) function in the Cisco IOS XE operating system of Cisco Catalyst 9800 and 9800-CL for Cloud controller devices allows a intruder to trigger a service failure.

The vulnerability of the Application Visibility and Control AVC-FNF function in the Cisco IOS XE operating system of Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers is related to a breach of the buffer’s initial boundary. Exploiting this vulnerability can allow an attacker ...

CVE-2022-20683

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...