Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code Execution

In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity...

Openstack Magnum Unsafe Credential Handling

OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform...

GHSA-793V-R35J-9RP9 Openstack Magnum Unsafe Credential Handling

OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform...

PT-2022-17170

Name of the Vulnerable Software and Affected Versions Bonita Web version 2021.2 Description Bonita Web 2021.2 is affected by an authentication/authorization bypass due to an overly permissive exclusion pattern within the RestAPIAuthorizationFilter. Appending ;i18ntranslation or /../i18ntranslatio...

CVE-2022-29178 Incorrect Default Permissions in Cilium

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 100...

CVE-2022-29845

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...

PT-2022-19871 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions 21.1.0 through 21.1.1 Ipswitch WhatsUp Gold version 22.0.0 Description: The issue allows an authenticated user to invoke an API transaction to read the contents of a local file. Recommendations: For Ipswitch...

Progress Software WhatsUp Gold 代码问题漏洞

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability in Progress Software WhatsUp Gold versions 17.0.0 through 21.1...

Information Disclosure

github.com/ipfs/go-ipfs is vulnerable to information disclosure. The vulnerability exists in docker-compose.yaml because the resulting list of listeners when running IPFS are either public or bound to public IPs which allows an attacker to gain admin API access to the IPFS node and control user...

Opened exploitable ports in default docker-compose.yaml in go-ipfs

Impact Allows admin API access to the IPFS node. Who ? This affects people running the docker-compose.yaml service in an environment where the docker host is directly attached to a public or untrusted IP. In the vulnerable version, the private API endpoint is publicly forwarded by exposing it as...

GHSA-FX5P-F64H-93XC Opened exploitable ports in default docker-compose.yaml in go-ipfs

Impact Allows admin API access to the IPFS node. Who ? This affects people running the docker-compose.yaml service in an environment where the docker host is directly attached to a public or untrusted IP. In the vulnerable version, the private API endpoint is publicly forwarded by exposing it as...

CVE-2022-26676

aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service...

CVE-2022-27919

Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...

CVE-2021-3814

It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure...

Gradle 安全漏洞

Gradle is the U.S. Gradle company's set of JVM-based project build tool , it supports maven, Ivy repository and so on. A security vulnerability exists in Gradle Enterprise that allows remote code execution. The configuration allows certain anonymous access to the administration and APIs.No detail...

PT-2022-18690 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2022.1 Description: The issue allows remote code execution if the installation process did not specify an initial configuration file, enabling certain anonymous access to administration and an API...

PT-2022-2681 · Pjsip +4 · Pjsip +4

Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.12 and prior Description: The issue is related to a stack buffer overflow vulnerability in the PJSIP multimedia communication library, specifically affecting users of PJSUA2 or those who call the API endpoints pjmedia sdp pri...

Salon booking system < 7.6.3 - Customer+ Bookings/Customers Data Disclosure

The plugin does not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data Make a booking to get a customer account Login via API and get access token: curl...

CVE-2022-26500

Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code...

CVE-2022-25089

Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEYLOCALMACHINE via UITasks.PersistentRegistryData...