Guide: How to Hack API in 60 minutes or API Threats Simulation with Open-Source Tools

**What is API?** API is the abbreviation for Application Programming Interface, which is a product middle person that permits two applications to converse with one another. ![]( ...

Continue Reading

Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. Its verified JWT clai ...

Continue Reading
Google Extensible Service Proxy Header Forgery

Post ContentRead More ...

Continue Reading

An out-of-bounds memory read vulnerability was found in envoyproxy/envoy. When using one of the following envoy extensions, it is possible to modify and increase the request or response body size of t ...

Continue Reading

GRPC::Unknown logging token disclosureRead More ...

Continue Reading
Virtuozzo Hybrid Server 7.5 Update 3 (7.5.3-391)

Virtuozzo Hybrid Server 7.5 Update 3 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1160.53.1.vz7.185.3. **Vulnerability id:** PSBM-1332 ...

Continue Reading
Improper Authentication in etcd

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd c ...

Continue Reading
Invalid-free in NIOHTTP2.NIOHTTP2Handler.

OSS-Fuzz report: ``` Crash type: Invalid-free Crash state: NIOHTTP2.NIOHTTP2Handler. NIOHTTP2.NIOHTTP2Handler.channelRead NIOCore.ChannelHan ...

Continue Reading

Back to Main

Subscribe for the latest news:
Generated by Feedzy