Imperva Blog
added 2025/09/22 9:16 p.m., 3 views

KuppingerCole 2025: Why Thales is a Market Leader in API Security

APIs are the backbone of modern applications, connecting critical microservices and enabling enterprises to turn data into context-aware business logic via AI across their digital services. As applications become more contextual, APIs expose the data, workflows, and model interactions attackers...

AI score 7
Exploits 0
Wallarm Lab
added 2025/09/18 11:00 a.m., 3 views

Scaling API Security Without the Complexity: Lessons from Early Adopters

APIs are a blessing and a curse. They’re the backbone of the modern internet. They also expose complex behaviors that are often poorly documented, stitched together across legacy and cloud systems, and updated faster than security teams can review. Three key groups typically shoulder the burden o...

AI score 6.8
Exploits 0
NVD
added 2025/09/17 1:15 p.m., 1 view

CVE-2025-8077

A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in admin account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default...

CVSS 9.8, EPSS 0.00098
Exploits 0, References 2
CVE
added 2025/09/17 12:33 p.m., 19 views

CVE-2025-8077

CVE-2025-8077 describes a vulnerability in NeuVector up to version 5.4.5 where the built-in admin account uses a fixed string as the default password. If this password is not changed after deployment, any workload with network access within the cluster could use the default credentials to obtain ...

CVSS 9.8, AI score 6.7, EPSS 0.00098
Exploits 0, References 2
Vulnrichment
added 2025/09/17 12:27 p.m., 4 views

CVE-2025-53884 NeuVector has insecure password storage vulnerable to rainbow-table attacks

NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to a rainbow-table attack, an offline attack where hashes of known passwords are precomputed...

CVSS 5.3, AI score 6.5, EPSS 0.00035
Exploits 0, References 2
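The storage weakness behind CVE-2025-53884, shown as an added example that is not NeuVector's code: with an unsalted hash, the attacker computes a table of digests once and reuses it against every user in every dump; a per-record random salt plus an iterated KDF (PBKDF2-HMAC-SHA256 here, via the standard library) removes that precomputation advantage. The wordlist, user passwords and the reduced iteration count in `demo()` are constructed for the demonstration.

```python
"""Added example, not NeuVector's code: why an unsalted hash of a password
(CVE-2025-53884) falls to a precomputed (rainbow) table, and how a per-record
random salt with a slow KDF removes the precomputation advantage.
All users, passwords and the wordlist below are constructed for the demo."""
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

# Constructed stand-in for the attacker's dictionary / rainbow-table source.
WORDLIST = ["password", "admin123", "letmein", "Summer2025!", "neuvector"]


# --- the weak scheme: one unsalted SHA-256 per password ---------------------
def weak_store(password: str) -> str:
    """Unsalted digest: equal passwords give equal, precomputable digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_rainbow_table(words: Iterable[str]) -> Dict[str, str]:
    """Precompute digest -> plaintext once; reusable against any user, any dump."""
    return {weak_store(w): w for w in words}


def crack_weak(stored_digest: str, table: Dict[str, str]) -> Optional[str]:
    """Recovering the password is a single dictionary lookup, no hashing at all."""
    return table.get(stored_digest)


# --- the hardened scheme: random salt + iterated KDF ------------------------
PBKDF2_ITERATIONS = 600_000  # OWASP's 2023 minimum for PBKDF2-HMAC-SHA256


def strong_store(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Self-describing record 'pbkdf2_sha256$iters$salthex$dkhex'; fresh 16-byte salt per call."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def strong_verify(password: str, record: str) -> bool:
    """Re-derive with the stored salt and iteration count; constant-time compare."""
    algo, iters, salt_hex, dk_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record format: {algo}")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def crack_strong(record: str, words: Iterable[str]) -> Optional[str]:
    """No table applies: every guess costs a full KDF run, separately per record."""
    for w in words:
        if strong_verify(w, record):
            return w
    return None


def demo(iterations: int = 10_000) -> dict:
    """Run both schemes over two users sharing a password; returns what each attack recovers.
    The low iteration count only keeps the demo fast; production uses PBKDF2_ITERATIONS."""
    table = build_rainbow_table(WORDLIST)
    weak_alice, weak_bob = weak_store("admin123"), weak_store("admin123")
    strong_alice, strong_bob = strong_store("admin123", iterations), strong_store("admin123", iterations)
    return {
        "weak_digests_equal": weak_alice == weak_bob,            # one table hit cracks both
        "weak_cracked": crack_weak(weak_alice, table),           # instant lookup
        "strong_records_equal": strong_alice == strong_bob,      # different salts -> different records
        "strong_cracked": crack_strong(strong_alice, WORDLIST),  # still guessable, but per-record work
        "strong_unlisted_cracked": crack_strong(strong_store("correct horse battery", iterations), WORDLIST),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The salt only removes the reuse of precomputed work; a password that is itself in the attacker's wordlist is still recovered, which is what the iteration count (and a password policy) is for. The same record format serves API keys, although a random high-entropy key is not guessable and its hash cannot be attacked by table or dictionary in the first place.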
Positive Technologies
added 2025/09/17 12:00 a.m., 2 views

PT-2025-38255

Name of the Vulnerable Software and Affected Versions: The Scratch Channel versions prior to 1.2
Description: The Scratch Channel is a news website where a user with fork privileges can modify administrators and create articles via a POST request to the API.
Recommendations: Update to version 1.2...

CVSS 7.2, AI score 6.4, EPSS 0.00075
Exploits 0, References 3
CNNVD
added 2025/09/16 12:00 a.m., 2 views

Kubernetes security vulnerability

Kubernetes (K8s) is an open source system for automating the deployment, scaling, and management of containerized applications. Kubernetes suffers from a trust management issue that stems from the certificate validation logic not properly validating the chain...

CVSS 6.8, AI score 6.7, EPSS 0.00026
Exploits 0, References 2
NVD
added 2025/09/15 9:15 p.m., 1 view

CVE-2025-43799

Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35, and older unsupported versions do not limit access to APIs before a user has changed their initial password, whi...

CVSS 6.9, EPSS 0.00073
Exploits 0, References 1
CVE
added 2025/09/15 8:19 p.m., 11 views

CVE-2025-43799

CVE-2025-43799 affects Liferay Portal 7.4.0–7.4.3.111 (and older unsupported versions) and Liferay DXP 2023.Q4.0, 2023.Q3.1–3.4, 7.4 GA up to update 92, and 7.3 GA up to update 35. The issue: APIs may be accessible before a user changes their initial password, allowing remote users to access and ...

CVSS 6.9, AI score 6.6, EPSS 0.00073
Exploits 0, References 1, Affected software 2
Gitee
added 2025/09/14 6:17 p.m., 122 views

exploit_me

This is a vulnerable ARM/AARCH64 application, specifically designed for a CTF (Capture The Flag) style exploitation tutorial. The application is written in C and is intended to demonstrate various types of vulnerabilities, including integer overflow, stack overflow, array overflow, off-by-one, stac...

AI score 7.4
Exploits 0
RedhatCVE
added 2025/09/13 6:26 p.m., 6 views

CVE-2025-43782

Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated users to access a workflow definition by name via the API...

CVSS 5.3, AI score 6.8, EPSS 0.00075
Exploits 0, References 1
Gitee
added 2025/09/13 5:46 p.m., 80 views

Exploit for CVE-2016-1057

This is a PoC exploit for CVE-2016-1057, a remote jailbreak for MikroTik's RouterOS. The exploit targets devices running v6.x.x and allows for remote code execution. The vulnerability exists on other device versions as well, but the exploit only supports v6.x.x. The exploit script is designed to...

CVSS 10, AI score 8.4, EPSS 0.02457
Exploits 1
Cvelist
added 2025/09/13 5:32 p.m., 7 views

CVE-2025-10371 eCharge Hardy Barth Salia PLCC api.php unrestricted upload

A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released ...

CVSS 7.5, EPSS 0.00082
Exploits 0, References 5
Gitee
added 2025/09/13 5:2 a.m., 110 views

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...

AI score 8.6
Exploits 0
OSV
added 2025/09/12 11:46 a.m., 4 views

BIT-NIFI-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However, intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

CVSS 7.5, AI score 7, EPSS 0.0132
Exploits 0, References 4
OSV
added 2025/09/12 10:4 a.m., 3 views

RHSA-2025:15687 Red Hat Security Advisory: php:8.2 security update

Bulletin has no description...

CVSS 5.8, AI score 7, EPSS 0.01153
Exploits 5, References 43
OSV
added 2025/09/11 6:15 p.m., 1 view

CVE-2025-43782

Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated users to access a workflow definition by name via the API...

CVSS 4.3, AI score 6.7, EPSS 0.00075
Exploits 0, References 1
Vulnrichment
added 2025/09/11 5:26 p.m., 2 views

CVE-2025-43782

Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated users to access a workflow definition by name via the API...

CVSS 5.3, AI score 6.4, EPSS 0.00075
Exploits 0, References 1
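The two Liferay API issues listed above, CVE-2025-43799 (APIs reachable before the initial password is changed) and CVE-2025-43782 (workflow definitions readable by name by any authenticated user), are both authorization gaps at the API entry point. The following is an added example, not Liferay's code, of one dispatcher that closes both: a session-state gate that admits only the password-change endpoint until the provisioning password is replaced, and an object-level check on the named workflow definition. The tokens, users, roles, endpoint paths and workflow names are constructed for the demonstration.

```python
"""Added example, not Liferay's code: one API gate covering the two Liferay
issues listed above. CVE-2025-43799: a user still on an initial password must
not reach any API except the password-change one. CVE-2025-43782: fetching a
workflow definition by name must check the caller's rights to *that* object,
not merely that the caller is authenticated. All tokens, users, roles and
workflow names below are constructed for the demo."""
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple


@dataclass
class User:
    name: str
    must_change_password: bool          # true until the provisioning password is replaced
    roles: Set[str] = field(default_factory=set)


@dataclass
class WorkflowDefinition:
    name: str
    viewer_roles: Set[str]              # roles allowed to read this definition


# Constructed directory: token -> user, and the workflow store keyed by name.
SESSIONS: Dict[str, User] = {
    "tok-alice": User("alice", must_change_password=True, roles={"employee"}),
    "tok-bob": User("bob", must_change_password=False, roles={"employee"}),
    "tok-carol": User("carol", must_change_password=False, roles={"workflow-admin"}),
}
WORKFLOWS: Dict[str, WorkflowDefinition] = {
    "Single Approver": WorkflowDefinition("Single Approver", {"workflow-admin"}),
}
# The only endpoint an account with an unchanged initial password may call.
ALLOWED_BEFORE_PASSWORD_CHANGE = {"/api/password/change"}
WORKFLOW_PREFIX = "/api/workflow/"


class Forbidden(Exception):
    pass


def get_workflow_vulnerable(user: User, name: str) -> WorkflowDefinition:
    """The IDOR pattern: any authenticated user can read any definition by name."""
    return WORKFLOWS[name]


def get_workflow(user: User, name: str) -> WorkflowDefinition:
    """Object-level check. Missing and unauthorized look identical to the caller,
    so a definition's existence cannot be confirmed by probing names."""
    wf = WORKFLOWS.get(name)
    if wf is None or not (user.roles & wf.viewer_roles):
        raise Forbidden(name)
    return wf


def handle(token: str, path: str) -> Tuple[int, dict]:
    """Dispatch one API call; returns (status, body) like a JSON API would."""
    user = SESSIONS.get(token)
    if user is None:
        return 401, {"error": "invalid token"}
    # Gate 1: initial password still in place -> only the change endpoint works.
    if user.must_change_password and path not in ALLOWED_BEFORE_PASSWORD_CHANGE:
        return 403, {"error": "password change required"}
    if path == "/api/password/change":
        user.must_change_password = False   # real code would validate and store the new password
        return 200, {"changed": True}
    if path.startswith(WORKFLOW_PREFIX):
        # Gate 2: object-level authorization on the named definition.
        try:
            wf = get_workflow(user, path[len(WORKFLOW_PREFIX):])
        except Forbidden:
            return 403, {"error": "not permitted"}
        return 200, {"name": wf.name}
    return 404, {"error": "no such endpoint"}


if __name__ == "__main__":
    for tok, p in [("tok-alice", "/api/workflow/Single Approver"),
                   ("tok-alice", "/api/password/change"),
                   ("tok-alice", "/api/workflow/Single Approver"),
                   ("tok-bob", "/api/workflow/Single Approver"),
                   ("tok-carol", "/api/workflow/Single Approver"),
                   ("tok-carol", "/api/workflow/Nonexistent")]:
        print(tok, p, "->", handle(tok, p))
```

The point of putting both checks in the dispatcher rather than in individual handlers is that a new endpoint cannot forget them: the password-change gate runs before any route is matched, and the object lookup itself raises unless the caller holds a viewer role, so `get_workflow_vulnerable` is the only path that returns a definition without a rights check.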
OSV
added 2025/09/11 9:15 a.m., 3 views

AZL-67118 CVE-2025-48038 affecting package erlang for versions less than 25.3.2.21-4

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP (ssh, ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

CVSS 5.3, AI score 5.8, EPSS 0.00212
Exploits 0, References 1
RedhatCVE
added 2025/09/11 3:19 a.m., 4 views

CVE-2025-42933

When a user logs in via the SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. This leads to exposure of sensitive credentials within the HTTP response body. As a result, it has a high impact on the confidentiality, integrity, and availability of t...

CVSS 8.8, AI score 6.5, EPSS 0.00056
Exploits 0, References 1