Why AI Bot Protection and Control Are Essential for Application Security

AI-driven automation is no longer emerging. It is already integrated and accepted as internet traffic. From AI assistants and crawlers to enterprise automation tools, websites are now routinely accessed by non-human actors operating at scale. Vulnerabilities or weaknesses in your application...

Improper Access Control in Configuration (Credential store)

Description Pandora FMS v7.0NG.759 allows improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role. Proof of Concept Affected endpoint: POST...

CVE-2018-2454

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 in business function EAFSBCABUSOPR2 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges...

Huawei Secospace AntiDDoS8000 Memory Leak Vulnerability

Huawei Secospace AntiDDoS8000 is a firewall product from Huawei, China. A memory leak vulnerability exists in Huawei Secospace AntiDDoS8000 V500R001C20SPC500 version, which is due to the program failing to properly free memory. An attacker could exploit this vulnerability to cause a device anomal...