Lucene search
1998 matches found

Prion · added 2023/12/13 10:15 p.m.

Design/Logic Flaw

Cube is a semantic layer for building data applications. Prior to version 0.34.34, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. The issue has been patched in v0.34.34 and it's recommended that all users exposing Cube APIs...

CVSS 5 · AI score 7 · EPSS 0.00722 · Exploits 0 · References 2 · Affected software 1

OSV · added 2023/12/13 9:34 a.m.

SUSE-SU-2023:4758-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: release-notes-susemanager: Update to SUSE Manager 4.3.10 (SUSE Linux Enterprise Server Micro 5.5 support; CLM filter by package build date; enhanced Errata.getDetails API endpoint). CVEs fixed: CVE-2023-22644. Bugs mentioned: bsc1191143, bsc1204235, bsc1207012,...

CVSS 9.4 · AI score 7 · EPSS 0.00452 · Exploits 0 · References 33

Cvelist · added 2023/12/12 12:00 a.m.

CVE-2023-36654

Directory traversal in the log-download REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to download host server SSH private keys associated with a Linux root user by injecting paths inside REST API endpoint parameters...

AI score 6.4 · EPSS 0.01241 · Exploits 1 · References 1

Positive Technologies · added 2023/12/07 12:00 a.m.

PT-2023-7508 · Tenda · Tenda Ax12

Name of the Vulnerable Software and Affected Versions: Tenda AX12 version V22.03.01.46
Description: The issue is related to a command injection vulnerability in the mac parameter at the "/goform/SetOnlineDevName" API endpoint. This vulnerability is due to the lack of input validation when...

CVSS 9.8 · AI score 8.1 · EPSS 0.02499 · Exploits 1 · References 7

Debian · added 2023/12/01 8:29 p.m.

[SECURITY] [DSA 5571-1] rabbitmq-server security update

Debian Security Advisory DSA-5571-1 · [email protected] · https://www.debian.org/security/ · Moritz Muehlenhoff · December 01, 2023 · https://www.debian.org/security/faq ...

CVSS 4.9 · AI score 6.4 · EPSS 0.01077 · Exploits 0

Cvelist · added 2023/11/28 3:36 a.m.

CVE-2023-32065 OroCommerce get-totals-for-checkout API endpoint returns unwanted data

OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information may be received by Order ID. This issue is patched in version 5.0.11 and 5.1.1...

CVSS 5.8 · AI score 5.6 · EPSS 0.00491 · Exploits 0 · References 1

OSV · added 2023/11/27 12:30 p.m.

GHSA-WQ8Q-99P5-XFRW Apache Superset Cross-site Scripting vulnerability

Improper payload validation and an improper REST API response type made it possible for an authenticated malicious actor to store malicious code into a Chart's metadata; this code could get executed if a user specifically accesses a specific deprecated API endpoint. This issue affects Apache...

CVSS 4.3 · AI score 5.4 · EPSS 0.01004 · Exploits 0 · References 5

Hacker One · added 2023/11/27 11:14 a.m.

EXNESS: Unrestricted Access to Celery Flower Instance

The publicly accessible Celery Flower instance allowed unrestricted access, exposing sensitive information, and the ability to manipulate tasks...

AI score 6.9 · Exploits 0

Cvelist · added 2023/11/27 10:52 a.m.

CVE-2023-43701 Apache Superset: Stored XSS on API endpoint

Improper payload validation and an improper REST API response type made it possible for an authenticated malicious actor to store malicious code into a Chart's metadata; this code could get executed if a user specifically accesses a specific deprecated API endpoint. This issue affects Apache...

CVSS 4.3 · AI score 5.7 · EPSS 0.01004 · Exploits 0 · References 2

Prion · added 2023/11/16 5:15 p.m.

Authentication flaw

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...

CVSS 5 · AI score 7.5 · EPSS 0.81512 · Exploits 22 · References 1

Vulnrichment · added 2023/11/16 4:11 p.m.

CVE-2023-6021 Ray Log File Local File Include

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...

CVSS 7.5 · AI score 6.8 · EPSS 0.81512 · Exploits 11 · References 1

Positive Technologies · added 2023/11/15 12:00 a.m.

PT-2023-30694 · Unknown · Xxl-Job-Admin

Name of the Vulnerable Software and Affected Versions: xxl-job-admin version 2.4.0
Description: The issue is related to Cross Site Scripting (XSS) that can be exploited via the "/xxl-job-admin/joblog/logDetailPage" API endpoint. This allows for potential malicious script injection.
Recommendations:...

CVSS 5.4 · AI score 5.1 · EPSS 0.00399 · Exploits 1 · References 6

NVD · added 2023/11/07 6:15 p.m.

CVE-2023-46730

Group-Office is an enterprise CRM and groupware tool. In affected versions there is a full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs, which allows a malicious user to cause the server to make resource requests to...

CVSS 8.8 · EPSS 0.00595 · Exploits 1 · References 2

Cvelist · added 2023/11/07 5:35 p.m.

CVE-2023-46730 Server-Side Request Forgery in groupoffice

Group-Office is an enterprise CRM and groupware tool. In affected versions there is a full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs, which allows a malicious user to cause the server to make resource requests to...

CVSS 7.4 · AI score 8.8 · EPSS 0.00595 · Exploits 1 · References 2

Veracode · added 2023/11/07 7:29 a.m.

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service (DoS). The vulnerability is due to improper restrictions in the /api/v4/redirectlocation endpoint, which results in a Denial of Service due to the caching of large items...

CVSS 5.3 · AI score 7 · EPSS 0.00531 · Exploits 0 · References 2 · Affected software 1

Positive Technologies · added 2023/11/06 12:00 a.m.

PT-2023-30394 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor versions prior to 8.21
Description: The issue allows remote attackers to execute arbitrary code. This can be achieved by injecting PHP code into the gridValoresPopHidden parameter in the...

CVSS 9.8 · AI score 9.5 · EPSS 0.14422 · Exploits 4 · References 11

Veracode · added 2023/11/03 5:24 a.m.

Server-Side Request Forgery (SSRF)

foodcoopshop/foodcoopshop is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to the lack of proper image validation. This flaw permits an attacker to send a request to any host on the local network, which then responds with a 200 status code for HEAD requests serving a...

CVSS 8.1 · AI score 7.1 · EPSS 0.00452 · Exploits 0 · References 4 · Affected software 1

Cvelist · added 2023/11/02 2:19 p.m.

CVE-2023-46725 FoodCoopShop Server-Side Request Forgery vulnerability

FoodCoopShop is open source software for food coops and local shops. Versions starting with 3.2.0 prior to 3.6.1 are vulnerable to server-side request forgery. In the Network module, a manufacturer account can use the /api/updateProducts.json endpoint to make the server send a request to an...

CVSS 8.1 · AI score 8.2 · EPSS 0.00452 · Exploits 0 · References 4

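The two SSRF entries above (Group-Office's /api/upload.php and FoodCoopShop's /api/updateProducts.json) describe the same shape of flaw: an endpoint fetches a caller-supplied URL without first deciding which destinations it is willing to reach. The block below is an added example, not code from either project, of a pre-fetch destination check in Python: it parses the URL, resolves the host, and refuses the fetch if any resulting address is loopback, private, link-local (which covers the cloud metadata address) or otherwise non-routable. The names BLOCKED_NETWORKS, check_fetch_url and classify_urls are hypothetical, and SAMPLE_DNS is a constructed lookup table standing in for real DNS so the block runs offline.

```python
"""Pre-fetch destination check for an endpoint that retrieves caller-supplied URLs.

Added example, not code from Group-Office or FoodCoopShop. All names are
hypothetical; SAMPLE_DNS is a constructed table used instead of real lookups.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]


def system_resolver(host: str) -> list[str]:
    """Production resolver: every address getaddrinfo returns (A and AAAA)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed lookup table; TEST-NET-2 (198.51.100.0/24) plays the public internet.
# The last entry mimics libc accepting a decimal IPv4 literal as a host name.
SAMPLE_DNS = {
    "supplier.example": ["198.51.100.10"],
    "shop.internal": ["10.0.0.5"],
    "dual.example": ["198.51.100.20", "192.168.1.9"],
    "2130706433": ["127.0.0.1"],
}


def sample_resolver(host: str) -> list[str]:
    return SAMPLE_DNS.get(host, [])


def check_fetch_url(url: str, resolver=system_resolver) -> list[str]:
    """Return the addresses the fetch may connect to, or raise ValueError.

    The caller must then connect to exactly these addresses (pin them) rather
    than re-resolving the host, otherwise a DNS rebinding answer between the
    check and the connect defeats the check.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials in URL")
    host = parts.hostname
    if not host:
        raise ValueError("no host")
    try:
        addrs = [ipaddress.ip_address(host)]          # literal IP, no lookup
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolver(host)]
    if not addrs:
        raise ValueError(f"unresolvable host: {host!r}")
    for addr in addrs:
        # ::ffff:127.0.0.1 parses as IPv6 but is loopback; unwrap it first.
        target = addr.ipv4_mapped if addr.version == 6 and addr.ipv4_mapped else addr
        if any(target in net for net in BLOCKED_NETWORKS):
            raise ValueError(f"{host!r} resolves to blocked address {addr}")
    return [str(a) for a in addrs]


def classify_urls(urls, resolver=sample_resolver) -> dict:
    """Map each URL to 'allowed: <addrs>' or 'blocked: <reason>'."""
    out = {}
    for url in urls:
        try:
            out[url] = "allowed: " + ",".join(check_fetch_url(url, resolver))
        except ValueError as exc:
            out[url] = f"blocked: {exc}"
    return out


SAMPLE_URLS = (
    "https://supplier.example/products.json",    # public host
    "http://shop.internal/api",                  # private range via DNS
    "http://169.254.169.254/latest/meta-data/",  # cloud metadata literal
    "http://[::ffff:127.0.0.1]/",                # IPv4-mapped loopback
    "http://2130706433/",                        # decimal form of 127.0.0.1
    "http://dual.example/",                      # one public, one private answer
    "http://user:pw@supplier.example/",          # embedded credentials
    "file:///etc/passwd",                        # non-http scheme
    "http://nonexistent.test/",                  # no DNS answer
)

if __name__ == "__main__":
    for url, verdict in classify_urls(SAMPLE_URLS).items():
        print(f"{url:45} {verdict}")
```

A host that returns a mix of public and private addresses is rejected outright rather than filtered down to the public ones, because the HTTP client, not this check, decides which answer it connects to. The same reasoning is why the returned address list has to be what the fetch actually uses.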
Positive Technologies · added 2023/11/02 12:00 a.m.

PT-2023-26707

Name of the Vulnerable Software and Affected Versions: Lost and Found Information System version 1.0
Description: The issue allows account takeover via username and password to a "/classes/Users.php?f=save" API endpoint.
Recommendations: For Lost and Found Information System version 1.0, consider...

CVSS 9.8 · AI score 9.3 · EPSS 0.01264 · Exploits 4 · References 7

Positive Technologies · added 2023/10/29 12:00 a.m.

PT-2023-30248 · Unknown · Peppermint Ticket Management

Name of the Vulnerable Software and Affected Versions: Peppermint Ticket Management versions 0.2.4 and earlier
Description: The issue allows remote attackers to read arbitrary files via a "/api/v1/ticket/1/file/download?filepath=../" POST request. This is achieved by exploiting the filepath...

CVSS 5.3 · AI score 5.2 · EPSS 0.00658 · Exploits 1 · References 4

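Three entries in this list (ProLion CryptoSpike's log-download endpoint, Ray's log API endpoint, and Peppermint's filepath=../ download) are the same flaw: a file-serving endpoint joins a caller-controlled path onto a base directory without proving that the result still lies inside it. The block below is an added example, not code from any of those projects, contrasting the naive join that such a request abuses with a resolved-path containment check. Function names and the sample directory layout are hypothetical and constructed inside a temporary directory so the block runs stand-alone.

```python
"""Containment check for a file-download endpoint.

Added example, not code from Peppermint, Ray, ProLion or any other project on
this page. naive_download_path, safe_download_path and the sample files are
hypothetical; build_sample_tree() constructs them in a temp directory.
"""
import os
import tempfile


def naive_download_path(base_dir: str, user_path: str) -> str:
    """Vulnerable: os.path.join keeps '..' segments, and if user_path is
    absolute it discards base_dir altogether."""
    return os.path.join(base_dir, user_path)


def safe_download_path(base_dir: str, user_path: str) -> str:
    """Resolve the requested file and refuse it unless it stays under base_dir.

    realpath() collapses '..' and follows symlinks, so a link planted inside
    base_dir that points outside is rejected as well. Absolute paths fall out
    naturally: join() drops base_dir and realpath() then lands outside root.
    """
    if "\x00" in user_path:
        raise ValueError("NUL byte in path")
    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, user_path))
    # commonpath compares whole components; a plain string-prefix test would
    # let /srv/uploads-old pass for root /srv/uploads.
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError(f"path escapes download root: {user_path!r}")
    return candidate


def build_sample_tree() -> tuple[str, str]:
    """Constructed layout: an uploads dir with one attachment, a secret file
    outside it, and a symlink inside uploads that points at the secret."""
    tmp = tempfile.mkdtemp()
    uploads = os.path.join(tmp, "uploads")
    os.makedirs(uploads)
    with open(os.path.join(uploads, "ticket-1.txt"), "w") as f:
        f.write("attachment")
    with open(os.path.join(tmp, "secret.txt"), "w") as f:
        f.write("not for download")
    os.symlink(os.path.join(tmp, "secret.txt"), os.path.join(uploads, "link-out"))
    return tmp, uploads


SAMPLE_REQUESTS = (
    "ticket-1.txt",          # legitimate
    "sub/../ticket-1.txt",   # traversal that still stays inside root
    "../secret.txt",         # the filepath=../ case
    "/etc/hostname",         # absolute path replaces base_dir in a naive join
    "link-out",              # symlink inside root pointing outside
    "ticket-1.txt\x00.jpg",  # NUL truncation attempt
)


def classify(base_dir: str, requests=SAMPLE_REQUESTS) -> dict:
    """Map each request to the file (relative to root) the safe check would
    serve, or 'rejected'."""
    root = os.path.realpath(base_dir)
    out = {}
    for req in requests:
        try:
            out[req] = os.path.relpath(safe_download_path(base_dir, req), root)
        except ValueError:
            out[req] = "rejected"
    return out


if __name__ == "__main__":
    _, uploads = build_sample_tree()
    for req, verdict in classify(uploads).items():
        naive = naive_download_path(uploads, req)
        print(f"{req!r:26} naive -> {naive!r:60} safe -> {verdict}")
```

The check resolves before comparing, so it is the file system's view of the path that is tested, not the string the caller sent; that is what makes the symlink and the harmless sub/../ cases come out right without any pattern matching on "..".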