PAN-OS: OS Command Injection Vulnerability in the XML API

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with lim ...

Continue Reading
Improper validation in meraki

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request (e.g. to insert a new header) or create ...

Continue Reading
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for November 2023.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF027 and 23.0.1-IF005. This bulletin identifies the steps to take to address the vulnerabilit ...

Continue Reading
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three ...

Continue Reading
PAN-OS: OS Command Injection Vulnerability in the XML API

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with lim ...

Continue Reading
Denial of service attack on the cube-api endpoint

Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Patches The issue has been patched in the v0.34.34 and it's recomme ...

Continue Reading
Denial Of Service (DoS)

nuxt-api-party is vulnerable to Denial of Service (DoS). The vulnerability could be exploited via crafting a malicious URL and setting high retry attempts, which allows an attacker to trigger a recurs ...

Continue Reading
CVE-2023-36639

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through ...

Continue Reading

Back to Main

Subscribe for the latest news: