CyRC Vulnerability Advisory: CVE-2023-0871 Vulnerability in OpenNMS Horizon
CVE-2023-0871 is an XML External Entity injection vulnerability in OpenNMS Horizon. The Synopsys Cybersecurity Research Center (CyRC) has discovered CVE-2023-0871, an XML External Entity injection vulnerability, in OpenNMS Horizon ...
OWASP Top 10: Security misconfiguration
Listed at #5 in the OWASP Top 10 list, security misconfiguration refers to vulnerabilities that result from an application’s configuration.
CyRC Vulnerability Advisory: CVE-2023-25828 Authenticated Remote Code Execution in Pluck CMS
Synopsys Cybersecurity Research Center discovers new RCE vulnerability that can leave Pluck Content Management System vulnerable ...
OWASP Top 10: Insecure design
Listed as #4 on the OWASP Top 10 list, insecure design is a new category added in 2021 and is related to design and architectural flaws in web apps.
OWASP Top 10: Injection
Listed as #3 on the OWASP Top 10 list, injection occurs when an attacker sends malicious data to an app to make it do something it’s not supposed to do ...
OWASP Top 10: Cryptographic failures
Listed as #2 on the OWASP Top 10 list, cryptographic failures expose sensitive data due to a lack of or weak encryption ...
CyRC Vulnerability Advisory: CVE-2023-23846 Denial-of-Service Vulnerability in Open5GS GTP Library
Learn about CVE-2022-23846, a denial-of-service vulnerability affecting GTP libraries found in Open5GS ...
OWASP Top 10: Broken access control
Listed as #1 on the OWASP Top 10 list, broken access control is when an attacker can gain unauthorized access to restricted information or systems ...
Cybersecurity Research Center Developer Series: The OWASP Top 10
In this new Cybersecurity Research Center series, we analyze the OWASP Top 10, which is a list of the most common vulnerabilities in web applications ...
CyRC Case Study: Exploitable memory corruption using CVE-2020-25669 and Linux Kernel
This in-depth analysis explores CVE-2020-25669, a vulnerability that exploited a memory corruption issue in Linux Kernel.