1618 matches found
Heap overflow
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This issue can also lead to data corruption. NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."...
PT-2019-16904 · Ibm · Ibm Websphere Extreme Scale
Name of the Vulnerable Software and Affected Versions: IBM WebSphere eXtreme Scale version 8.6 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This...
CVE-2018-21019
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...
Razer: Misconfigured s3 Bucket exposure
Found a s3 bucket that belongs to razer and properly not configured. bucket name:- http://rzimageupload.s3.amazonaws.com/ Bucket Source:- https://api.razer.com Steps To reproduce:- 1. Go to https://api.razer.com and create a project . 2. In the project icon select an image from your computer. 3...
GitLab Information Disclosure Vulnerability (CNVD-2019-30780)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in the Epic Notes API in...
CVE-2019-12643
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed by the area of code that manages the REST...
CVE-2019-1938 Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is...
CVE-2019-12634 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...
PT-2020-3642 · Saltstack +3 · Saltstack Salt +3
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 2019.2.3 SaltStack Salt versions prior to 2019.2.0 Description: The issue allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. This is due ...
Design/Logic Flaw
EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. A malicious attacker can inject JavaScript code in the body parameter during api/v1/KnowledgeBaseArticle knowledge-base record creation...
Default credentials
EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker can brute-force a user password hash by 1 symbol at a time using specially crafted api/v1/User?filterList filters...
CVE-2019-11730
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...
Unspecified Vulnerability in RANGER Studio Directus
RANGER Studio Directus is a set of open source headless CMS and API for managing custom databases from RANGER Studio, U.S.A. The Directus API is one of the components that can add a RESTful API layer to new or existing SQL databases. A security vulnerability exists in the RANGER Studio Directus 7...
Cross site request forgery (csrf)
OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request...
CVE-2019-13337
WESEEK GROWI prior to 3.5.0 is affected. A flaw in site-wide basic authentication allows bypass by supplying the URL parameter access_token (the API parameter). No valid token is validated by the backend, enabling the website to be browsed as if authentication were not required. The core issue is...
CVE-2019-1889
A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller APIC Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checki...
Stack overflow
The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...
WP Statistics <= 12.6.6.1 - Unauthenticated Blind SQL Injection
An endpoint of the API, which is exposed when the 'use cache plugin' setting is enabled by default disabled, is vulnerable to an unauthenticated blind SQLi issue. PoC time curl -X POST 'http://host/wp-json/wpstatistics/v1/hit' --data...
Vercel: User personal data disclosure via API
Summary: As a normal user, the API allows me to obtain information about other users by passing their email address as a query parameter which then returns their name, username, uid, avatar hash, and email in the HTTP response body. Under GDPR regulations this information disclosure is categorize...
CVE-2018-18837
An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...