Lucene search
1089 matches found

RedhatCVE · added 2025/02/05 1:14 a.m. · 8 views

CVE-2024-20440

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...

CVSS 7.5 · AI score 7 · EPSS 0.51466
Exploits 0 · References 1
RedhatCVE · added 2025/02/05 1:00 a.m. · 8 views

CVE-2024-28233

JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...

CVSS 8.1 · AI score 5.8 · EPSS 0.00329
Exploits 0 · References 1
RedhatCVE · added 2025/02/05 12:36 a.m. · 4 views

CVE-2024-37905

authentik is an open-source Identity Provider that emphasizes flexibility and versatility. Authentik API-Access-Token mechanism can be exploited to gain admin user privileges. A successful exploit of the issue will result in a user gaining full admin access to the Authentik application, including...

CVSS 8.8 · AI score 7.1 · EPSS 0.00757
Exploits 0
Vulnrichment · added 2025/02/03 9:01 p.m. · 7 views

CVE-2025-24899 Disclosure of Sensitive User Information via API in reNgine

reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where an insider attacker with any role such as Auditor, Penetration Tester, or Sys Admin can extract sensitive information from other reNgine users. After running a scan and obtainin...

CVSS 7.1 · AI score 6.3 · EPSS 0.00495
Exploits 1 · References 2
CVE · added 2025/01/31 12:00 a.m. · 99 views

CVE-2024-53355

CVE-2024-53355 affects EasyVirt DCScope (versions 8.6.0 and earlier) and EasyVirt CO2Scope (versions 1.3.0 and earlier). The issue is improper access control in the user API surface, enabling remote authenticated attackers with low privileges to perform admin-like actions via multiple endpoints: ...

CVSS 8.8 · AI score 8.4 · EPSS 0.00508
Exploits 1 · References 1 · Affected software 2
CVE · added 2025/01/30 3:28 p.m. · 167 views

CVE-2025-22220

CVE-2025-22220 affects VMware Aria Operations for Logs. A privilege-escalation vulnerability allows a malicious actor with non-administrative privileges and network access to the Aria Operations for Logs API to perform certain operations in the context of an admin user. The issue is part of a set...

CVSS 5.4 · AI score 4.6 · EPSS 0.00306
Exploits 0 · References 1 · Affected software 2
Positive Technologies · added 2025/01/30 12:00 a.m. · 4 views

PT-2025-4396 · Vmware · Vmware Aria Operations For Logs

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Logs (affected versions not specified). Description: The issue is related to insecure privilege management in VMware Aria Operations for Logs, allowing a malicious actor with non-administrative privileges and network...

CVSS 5.4 · AI score 9 · EPSS 0.00306
Exploits 0 · References 10
NVD · added 2025/01/23 11:15 p.m. · 12 views

CVE-2021-42718

Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin...

CVSS 4.9 · EPSS 0.0037
Exploits 0 · References 1
Cvelist · added 2025/01/23 10:45 p.m. · 21 views

CVE-2021-42718 Sensitive data unnecessarily returned from authenticated API

Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin...

EPSS 0.0037
Exploits 0 · References 1
NVD · added 2025/01/23 6:15 a.m. · 13 views

CVE-2024-43710

A server side request forgery vulnerability was identified in Kibana where the /api/fleet/healthcheck API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that return JSON could be accessed. This can be carried...

CVSS 4.3 · EPSS 0.00232
Exploits 0 · References 1
OSV · added 2025/01/17 10:02 p.m. · 7 views

GHSA-C9P4-XWR9-RFHX Zot IdP group membership revocation ignored

Summary: The group data stored for users in the boltdb database meta.db is an append-list, so group revocations/removals are ignored in the API. Details: SetUserGroups is called on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the grou...

CVSS 7.3 · AI score 7.1 · EPSS 0.00394
Exploits 1 · References 5
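The append-versus-replace distinction in the Zot advisory above is easy to reproduce in a few lines. The following Go program is an added example written for this page, not Zot's code: it stands in an in-memory map for the per-user boltdb record and gives it two setters, one that appends the IdP's current group list on each login (the behaviour the advisory describes) and one that replaces it. The type and function names (userStore, SetUserGroupsAppend, SetUserGroupsReplace, revocationIgnored) and the user and group names are illustrative assumptions.

```go
package main

import (
	"fmt"
	"sort"
)

// userStore is a hypothetical in-memory stand-in for the per-user group
// record the advisory says Zot keeps in meta.db. It is not Zot's type.
type userStore struct {
	groups map[string][]string // username -> stored group memberships
}

func newUserStore() *userStore {
	return &userStore{groups: make(map[string][]string)}
}

// SetUserGroupsAppend models the vulnerable behaviour: each login appends the
// IdP's current group list to whatever is already stored, so a group the IdP
// has since removed is never dropped.
func (s *userStore) SetUserGroupsAppend(user string, groups []string) {
	s.groups[user] = append(s.groups[user], groups...)
}

// SetUserGroupsReplace models the corrected behaviour: the IdP's current list
// is authoritative and overwrites the stored memberships on each login.
func (s *userStore) SetUserGroupsReplace(user string, groups []string) {
	cp := make([]string, len(groups))
	copy(cp, groups)
	s.groups[user] = cp
}

// Groups returns a sorted, de-duplicated view of what is stored for a user.
func (s *userStore) Groups(user string) []string {
	seen := map[string]bool{}
	out := []string{}
	for _, g := range s.groups[user] {
		if !seen[g] {
			seen[g] = true
			out = append(out, g)
		}
	}
	sort.Strings(out)
	return out
}

// InGroup is the membership test an access-control policy would consult.
func (s *userStore) InGroup(user, group string) bool {
	for _, g := range s.groups[user] {
		if g == group {
			return true
		}
	}
	return false
}

// revocationIgnored simulates two logins for a constructed user "alice":
// first the IdP reports "admins" and "devs", then, after the IdP has revoked
// "admins", only "devs". It returns true if "admins" is still honoured.
func revocationIgnored(appendMode bool) bool {
	s := newUserStore()
	first := []string{"admins", "devs"}
	second := []string{"devs"}
	if appendMode {
		s.SetUserGroupsAppend("alice", first)
		s.SetUserGroupsAppend("alice", second)
	} else {
		s.SetUserGroupsReplace("alice", first)
		s.SetUserGroupsReplace("alice", second)
	}
	return s.InGroup("alice", "admins")
}

func main() {
	fmt.Println("append-list store still grants admins after revocation:", revocationIgnored(true))
	fmt.Println("replace store still grants admins after revocation:", revocationIgnored(false))
}
```

The check a reviewer wants is the second login: after the IdP stops reporting "admins", the append-mode store still answers true for InGroup("alice", "admins"), while the replace-mode store answers false.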
Positive Technologies · added 2025/01/09 12:00 a.m. · 5 views

PT-2025-3104 · Unknown · Vaultwarden

Name of the Vulnerable Software and Affected Versions: Vaultwarden version 1.32.5. Description: The issue is related to an authenticated reflected cross-site scripting (XSS) vulnerability. This vulnerability is present in the /api/core/mod.rs component. Recommendations: For Vaultwarden version 1.32....

CVSS 5.4 · AI score 5.2 · EPSS 0.00366
Exploits 1 · References 11
OSV · added 2025/01/06 3:38 p.m. · 9 views

CVE-2025-21611 tgstation-server's role authorization incorrectly OR'd with user's enabled status

tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to authorize API methods were incorrectly OR'd instead of AND'ed with the role used to determine if a user was enabled. This allows enabled users access to most, but not all, authorized actions...

CVSS 8.8 · AI score 6.7 · EPSS 0.00454
Exploits 0 · References 5
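The tgstation-server entry above describes a boolean-composition error in an authorization check. The Go program below is an added example for this page, not tgstation-server's code (the project is written in C#), and uses an illustrative account model: an apiUser with an enabled flag and a set of rights, a vulnerable check that OR's the two conditions, a fixed check that AND's them, and a table that evaluates both over the four (enabled, right) combinations. The names apiUser, authorizeVulnerable, authorizeFixed, decisionTable and the right name "edit-config" are assumptions made for the example.

```go
package main

import "fmt"

// apiUser is a hypothetical model of an API account: whether it is enabled,
// plus the named rights it holds. Not tgstation-server's own type.
type apiUser struct {
	enabled bool
	rights  map[string]bool
}

func (u apiUser) hasRight(r string) bool { return u.rights[r] }

// authorizeVulnerable models the flaw the advisory describes: the
// "is this account enabled" test is OR'd with the per-method right test, so an
// enabled account passes even when it lacks the right the method requires.
func authorizeVulnerable(u apiUser, required string) bool {
	return u.enabled || u.hasRight(required)
}

// authorizeFixed AND's the two conditions: the account must be enabled and
// must hold the specific right the method requires.
func authorizeFixed(u apiUser, required string) bool {
	return u.enabled && u.hasRight(required)
}

// decision records the outcome of both checks for one account.
type decision struct {
	vulnerable bool
	fixed      bool
}

// decisionTable evaluates both checks for one required right over the four
// combinations of enabled status and right possession, keyed by case name.
func decisionTable(required string) map[string]decision {
	cases := map[string]apiUser{
		"enabled,no-right":  {enabled: true, rights: map[string]bool{}},
		"enabled,right":     {enabled: true, rights: map[string]bool{required: true}},
		"disabled,right":    {enabled: false, rights: map[string]bool{required: true}},
		"disabled,no-right": {enabled: false, rights: map[string]bool{}},
	}
	out := make(map[string]decision, len(cases))
	for name, u := range cases {
		out[name] = decision{
			vulnerable: authorizeVulnerable(u, required),
			fixed:      authorizeFixed(u, required),
		}
	}
	return out
}

func main() {
	// "edit-config" is a placeholder right name, not one from the project.
	for name, d := range decisionTable("edit-config") {
		fmt.Printf("%-18s vulnerable=%-5v fixed=%v\n", name, d.vulnerable, d.fixed)
	}
}
```

The row to look at is "enabled,no-right": the OR form grants it and the AND form denies it, which is the condition the advisory describes. The table also shows what the OR form does in this model for a disabled account that still holds the right.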
NVD · added 2024/12/31 11:15 a.m. · 20 views

CVE-2024-12108

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API...

CVSS 9.6 · EPSS 0.06798
Exploits 0 · References 1
Vulnrichment · added 2024/12/31 10:31 a.m. · 14 views

CVE-2024-12108 WhatsUp Gold - Public API signing key rotation issue

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API...

CVSS 9.6 · AI score 7 · EPSS 0.06798
Exploits 0 · References 1
Cvelist · added 2024/12/30 6:20 p.m. · 30 views

CVE-2024-56799 Simofa Allows Unauthenticated Access to API Routes

Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication. This vulnerability has been patched in v0.2.7...

CVSS 10 · EPSS 0.00521
Exploits 0 · References 2
NVD · added 2024/12/18 4:15 p.m. · 13 views

CVE-2024-12371

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and...

CVSS 9.3 · EPSS 0.00539
Exploits 0 · References 1
CVE · added 2024/12/18 3:23 p.m. · 85 views

CVE-2024-12371

CVE-2024-12371 affects Rockwell Automation Power Monitor 1000. Vulnerability: API allows unauthenticated creation of a Policyholder user with high privileges (edit operations, admin creation, factory reset). Reported impact includes device takeover and potential for remote code execution/DoS via ...

CVSS 9.3 · AI score 6.6 · EPSS 0.00539
Exploits 0 · References 1
Positive Technologies · added 2024/12/17 12:00 a.m. · 6 views

PT-2024-28642 · Threatquotient · Threatq

Name of the Vulnerable Software and Affected Versions: ThreatQuotient ThreatQ versions prior to 5.29.3. Description: The issue allows authenticated users to execute arbitrary commands by sending a crafted request to an API endpoint. Recommendations: For versions prior to 5.29.3, update to version...

CVSS 8.8 · AI score 7.9 · EPSS 0.00692
Exploits 0 · References 12
NVD · added 2024/12/16 6:15 a.m. · 29 views

CVE-2024-5333

The Events Calendar WordPress plugin before 6.8.2.1 is missing access checks in the REST API, allowing for unauthenticated users to access information about password protected events...

CVSS 5.3 · EPSS 0.01071
Exploits 1 · References 1