Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF as of Read more about [2024.11] Web Attack Trend Report[…]
Vulnerability report written by the TA team by analyzing “Cleo Harmony, VLTrader and LexiCom File Read/Write Vulnerability” The vulnerability is a file read/write vulnerability in the software provided by Cleo that attempts to access or upload malicious files in the service using the software through a manipulated VLSync header. The vulnerabilities were patched in Harmony, Read more about [2024.12 Vulnerability Report] Cleo Harmony, VLTrader and LexiCom File Read/Write Vulnerability[…]
Vulnerability report written by the TA team by analyzing “Joomla! CMS Security Bypass (CVE-2023-23752)” CVE-2023-23752 is a vulnerability found in Joomla! versions 4.0.0 through 4.2.7 that allows unauthorized access to web service endpoints due to incorrect access validation. This can lead to a risk that a malicious user can access the system without authentication or Read more about [2024.11 Vulnerability Report] Joomla! CMS Security Bypass (CVE-2023-23752)[…]
Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF as of Read more about [2024.10] Web Attack Trend Report[…]
Vulnerability report written by the TA team by analyzing “Github Enterprise Server Authentication Bypass” The vulnerability is an authentication bypass vulnerability in the Github Enterprise Server (GHES), which can lead to an attack that bypasses signature verification operations and accesses GHES arbitrary accounts by sending crafted SAML requests to GHES services with SAML SSO authentication Read more about [2024.11 Vulnerability Report] Github Enterprise Server Authentication Bypass[…]
Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF as of Read more about [2024.09] Web Attack Trend Report[…]
Vulnerability report written by the TA team by analyzing “PHP Stack Buffer Overflow Vulnerability” CVE-2023-3824 is a stack buffer overflow vulnerability in PHP that occurs when reading PHAR (PHP Archive) files. This vulnerability could allow attackers to cause memory corruption or execute remote code on the affected system. To mitigate this risk, it is crucial Read more about [2024.10 Vulnerability Report] PHP Stack Buffer Overflow Vulnerability[…]
Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF as Read more about [2024.08] Web Attack Trend Report[…]
Vulnerability report written by the TA team by analyzing “Jenkins Arbitrary File Read” The vulnerability is a random file read vulnerability in Jenkins that could allow an agent-accessible attacker to connect with the controller and read to any file in the controller, which could lead to an RCE attack. The vulnerabilities were patched in Jenkins Read more about [2024.09 Vulnerability Report] Jenkins Arbitrary File Read[…]
Vulnerability report written by the TA team by analyzing “MS Office Zero-day vulnerability Follina(CVE-2022-30190)” CVE-2022-30190 is a remote code execution (RCE) vulnerability in Microsoft Support Diagnostic Tool (MSDT) that could allow attackers to execute arbitrary commands on a victim’s system via a malicious Word document. To prevent this vulnerability, it is important to apply the Read more about [2024.08 Vulnerability Report] MS Office Zero-day vulnerability Follina(CVE-2022-30190)[…]
