
487 matches found

Prion
added 2023/11/02 2:15 p.m., 19 views

Design/Logic Flaw

Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could b...

CVSS 5.8, AI score 8.8, EPSS 0.00371
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2023/11/02 1:1 p.m., 12 views

CVE-2023-26454

Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could b...

CVSS 7.6, AI score 9, EPSS 0.00371
Exploits: 0, References: 2
NVD
added 2023/10/10 5:15 p.m., 38 views

CVE-2023-34992

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet allows attacker to execute unauthorized code or commands via crafted API requests...

CVSS 10, AI score 9.9, EPSS 0.65509
Exploits: 1, References: 1
Prion
added 2023/10/10 5:15 p.m., 33 views

Command injection

An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API...

CVSS 7.5, AI score 9.6, EPSS 0.65509
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2023/10/10 4:50 p.m., 25 views

CVE-2023-34992

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet allows attacker to execute unauthorized code or commands via crafted API requests...

CVSS 10, AI score 9.6, EPSS 0.65509
Exploits: 1, References: 1
Cvelist
added 2023/10/10 4:50 p.m., 39 views

CVE-2023-34992

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet allows attacker to execute unauthorized code or commands via crafted API requests...

CVSS 10, AI score 10, EPSS 0.65509
Exploits: 1, References: 1
CVE
added 2023/10/10 4:50 p.m., 95 views

CVE-2023-34992

CVE-2023-34992 affects Fortinet FortiSIEM (report server) with an OS command injection via crafted API requests. Root cause: improper neutralization of special elements in OS command handling (CWE-78). Impact: remote unauthenticated attacker can execute arbitrary commands, potentially as root, on...

CVSS 10, AI score 9.6, EPSS 0.65509
Exploits: 1, References: 1, Affected Software: 1
Prion
added 2023/08/30 10:15 p.m., 20 views

Design/Logic Flaw

Graylog is a free and open log management platform. In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Each node maintains an in-memory cache of user sessions. Upon a cache-miss,...

CVSS 2.1, AI score 4, EPSS 0.00411
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2023/08/30 9:3 p.m., 2532 views

CVE-2023-41041

CVE-2023-41041 concerns Graylog2-server where, in a multi-node cluster, a user session can remain valid for API requests after logout due to per-node session caching. When a user logs out, local caches are cleared and the database may delete the session, but other nodes retain a cached copy, allo...

CVSS 3.1, AI score 3.5, EPSS 0.00411
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2023/08/30 9:3 p.m., 28 views

CVE-2023-41041 User session is still usable after logout in graylog2-server

Graylog is a free and open log management platform. In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Each node maintains an in-memory cache of user sessions. Upon a cache-miss,...

CVSS 2.6, AI score 4.1, EPSS 0.00411
Exploits: 1, References: 2
Veracode
added 2023/07/12 2:50 a.m., 17 views

Session Fixation

graylog2-server is vulnerable to Session Fixation. The vulnerability exists because a node may still have the session cached even when a user has explicitly logged out, which allows the session to still be used for API requests until it has reached its original expiry time...

CVSS 3.1, AI score 6.8, EPSS 0.00411
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2023/07/11 10:46 p.m., 24 views

GHSA-H9WQ-XCQX-MQXM Vendure Cross Site Request Forgery vulnerability impacting all API requests

Impact Vendure is an e-commerce GraphQL framework with a number of APIs and different levels of authorization. By default the Cookie settings are insecure, having the SameSite setting as false which results in not having one originates from the cookie-session npm package’s default settings. Patch...

AI score 7
Exploits: 0, References: 3
Github Security Blog
added 2023/07/06 8:47 p.m., 2490 views

Graylog user session is still usable after logout

Summary In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Details Each node maintains an in-memory cache of user sessions. Upon a cache-miss, the session is loaded from the...

CVSS 3.1, AI score 6.7, EPSS 0.00411
Exploits: 1, References: 5, Affected Software: 1
Cvelist
added 2023/06/23 7:3 p.m., 13 views

CVE-2023-35167 When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id

Remult is a CRUD framework for full-stack TypeScript. If you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the id of an entity instance is not authorized to access, can gain...

CVSS 5, AI score 6.4, EPSS 0.00546
Exploits: 0, References: 3
OSV
added 2023/06/20 6:50 p.m., 14 views

GHSA-7HH3-3X64-V2G9 When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id

Impact If you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the id of an entity instance she is not authorized to access, can gain read, update and delete access to it...

CVSS 5, AI score 5.4, EPSS 0.00546
Exploits: 0, References: 5
Github Security Blog
added 2023/06/20 6:50 p.m., 17 views

When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id

Impact If you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the id of an entity instance she is not authorized to access, can gain read, update and delete access to it...

CVSS 6.3, AI score 10, EPSS 0.00546
Exploits: 0, References: 5, Affected Software: 1
CNVD
added 2023/05/20 12:0 a.m., 8 views

Cisco DNA Center Information Disclosure Vulnerability (CNVD-2023-62938)

Cisco DNA Center is a network management and command center service from Cisco USA. An information disclosure vulnerability exists in Cisco DNA Center. The vulnerability stems from improper authorization of API requests and can be exploited by an authenticated, remote attacker to read information...

CVSS 5.4, AI score 7.4, EPSS 0.00493
Exploits: 0, References: 1
CNVD
added 2023/05/20 12:0 a.m., 10 views

Cisco DNA Center Authorization Issues Vulnerability

Cisco DNA Center is a network management and command center service from Cisco USA. Cisco DNA Center is vulnerable to an authorization issue. The vulnerability stems from improper authorization of API requests and can be exploited by an authenticated, remote attacker to read information from a...

CVSS 5.4, AI score 7.4, EPSS 0.00485
Exploits: 0, References: 1
RedHat Linux
added 2023/05/03 3:54 p.m., 3 views

rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack

A flaw was found in rubygem-actionpack where CSP headers were sent with responses that Rails considered "HTML" responses. This flaw allows an attacker to leave API requests without CSP headers and perform a Cross-site scripting attack...

CVSS 6.1, AI score 6.3, EPSS 0.01594
Exploits: 0, References: 5
Prion
added 2023/04/28 2:15 a.m., 17 views

Design/Logic Flaw

IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the...

CVSS 2.1, AI score 5.1, EPSS 0.00648
Exploits: 0, References: 2, Affected Software: 1