CVE-2022-27978

Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request...

PT-2023-12928 · Tooljet · Tooljet

Name of the Vulnerable Software and Affected Versions: Tooljet version 1.6 Description: The issue arises from the improper handling of missing values in the API, allowing attackers to send a crafted HTTP request to arbitrarily reset passwords. Recommendations: For Tooljet version 1.6, consider...

inDrive: Rider can forcefully get passenger's order accepted resulting in multiple impacts including PII reveal and more mentioned in the report.

A vulnerability was found in the customer order flow that allowed a driver to forcefully accept an order on behalf of a passenger, bypassing the normal negotiation process. This allowed the driver to set the ride price without following the built-in fare calculation algorithm...

CVE-2023-2020 Unauthorized scheduling of downtimes via REST API

Insufficient permission checks in the REST API in Tribe29 Checkmk = 2.1.0p27 and = 2.2.0b4 beta allow unauthorized users to schedule downtimes for any host...

CVE-2022-45173

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool the...

GHSA-PWFV-3CVG-9M4C org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors

Impact The Document script API returns directly a DocumentAuthors allowing to set any authors to the document, which in consequence can allow subsequent executions of scripts since this author is used for checking rights. Example of such attack: velocity...

Server side request forgery (ssrf)

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery SSRF via the component /api/gen/clients/language. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request...

CVE-2022-48433

In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server...

PT-2023-20802 · Digital China Networks · Dcbi-Netlog-Lab

Name of the Vulnerable Software and Affected Versions: DCBI-Netlog-LAB version 1.0 Description: The issue allows attackers to bypass authentication and execute arbitrary commands via a crafted request to the "/network config/nsg masq.cgi" API endpoint. This is due to a problem in the component...

Argo CD authenticated but unauthorized users may enumerate Application names via the API

Impact All versions of Argo CD starting with v0.5.0 are vulnerable to an information disclosure bug allowing unauthorized users to enumerate application names by inspecting API error messages. An attacker could use the discovered application names as the starting point of another attack. For...

PT-2023-4536 · Zoho · Zoho Manageengine Admanager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADManager Plus versions 7182 and prior Description: The issue is related to insufficient protection of registration data, allowing an attacker to gain unauthorized access to protected information. This can be achieved by...

CVE-2022-46257 Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository names

An information disclosure vulnerability was identified in GitHub Enterprise Server that allowed private repositories to be added to a GitHub Actions runner group via the API by a user who did not have access to those repositories, resulting in the repository names being shown in the UI. To exploi...

PT-2023-19417 · Jensen Of Scandinavia · Jensen Of Scandinavia Eagle 1200Ac

Name of the Vulnerable Software and Affected Versions: Jensen of Scandinavia Eagle 1200AC version 15.03.06.33 en Description: A stack overflow issue was discovered via the wepkey4 5g parameter at the "/goform/WifiBasicSet" API endpoint. Recommendations: For version 15.03.06.33 en, as a temporary...

Internet Bug Bounty: JWT audience claim is not verified

An improper authorization vulnerability existed in all versions of Argo CD starting with v1.8.2, allowing the API to accept certain invalid tokens due to the lack of validation of the audience claim in signed tokens. This could allow an attacker to use a stolen token intended for a different...

CVE-2023-27264 IDOR: Updating a playbook via the Playbooks API

A missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/playbookID API...

K43520321: NGINX Controller API Vulnerability CVE-2020-5901

Security Advisory Description Undisclosed API endpoints may allow for a reflected Cross Site Scripting XSS attack. If the victim user is logged in as admin this could result in a complete compromise of the system. CVE-2020-5901 Impact For the attack to occur, a user must visit a specially crafted...

8x8 Bounty: connect.8x8.com: Too much resource consumption of the server due to incorrect date range control via /api/v1/reports?dateFrom=

The server of connect.8x8.com was vulnerable to excessive resource consumption due to incorrect date range control via the /api/v1/reports endpoint. Attackers could cause the server to crash by repeatedly increasing the date range, potentially leading to a DoS attack. The vulnerability has since...

SUSE CVE-2005-3905

Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.115 and earlier, 1.4.208 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a differen...

SUSE CVE-2017-3305

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: C API. Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

SUSE CVE-2020-2816

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability c...