1618 matches found
Design/Logic Flaw
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality...
Sql injection
DHIS2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability affects the /api/programs/orgUnits?programs= API endpoint in DHIS2 versions prior to 2.36.10.1 and 2.37.6.1. The system is vulnerable to attack only from...
Insertion of Sensitive Information Into Sent Data
Overview: github.com/mattermost/mattermost-server is an open source Slack-alternative in Golang and React. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the API process. An attacker can access sensitive information by sending crafted...
GHSA-7MQG-5FGH-XH4R MediaWiki Incorrect Access Control vulnerability
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...
GHSA-43CM-73PX-5V4M OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:ispublic property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for...
ch.cern.hadoop:hadoop-minikdc (>=2.7.4.0 <=2.7.5.1), com.alibaba.lindorm:lindorm-search-test-framework (>=8.10.1.3 <=8.10.2) +117 more potentially affected by CVE-2015-3250 via org.apache.directory.api:api-ldap-model (>=1.0.0-M14 <=1.0.0-M30)
org.apache.directory.api:api-ldap-model MAVEN version =1.0.0-M14, =2.7.4.0, =8.10.1.3, =2.0.0-beta1, =1.0.3, =1.0.3, =1.0.3, =0.1.1, =0.1.1, =0.3.0, =0.3.0, =0.4.0, =0.4.0, =1.8.0, =1.9.3 and more Source cves: CVE-2015-3250 Source advisory: OSV:GHSA-CX3Q-CV6W-MX4H...
GHSA-MFG4-9XF4-F45Q OpenStack Cinder Denial of Service using XML entities
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volumetransfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allow remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an...
GHSA-PWRJ-F53C-F89J OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem:// URL in the image location property. NOTE: this vulnerability exists because of...
CVE-2022-29847
CVE-2022-29847 affects Progress IPSWITCH WhatsUp Gold versions 21.0.0–21.1.1 and 22.0.0. An unauthenticated attacker can invoke an API transaction to relay encrypted WhatsUp Gold user credentials to an arbitrary host. Impact: credential exposure via API, enabling unauthorized access. Exploitation...
Design/Logic Flaw
It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system, as well as other information such as MAC address, internal IP address etc., by performing a request to the /module/api.php?mobile/wapNasIPS endpoint...
CVE-2021-45842
It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system, as well as other information such as MAC address, internal IP address etc., by performing a request to the /module/api.php?mobile/wapNasIPS endpoint...
CVE-2022-0605
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
Salon booking system < 7.6.3 - Unauthenticated Sensitive Data Disclosure
The plugin does not have proper authorisation when searching bookings, allowing any unauthenticated user to search others' bookings, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it. PoC: Although the API only...
CVE-2021-45966
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters...
PT-2022-13225 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions up to OUM 759 Description: A potential security issue was discovered in the Pandora API, which could allow an attacker with authenticated IP to inject SQL. Recommendations: For Pandora FMS versions up to OUM 759, at the...
Insufficient Granularity of Access Control
Description: There are no rate limits and reuse of captcha is allowed, resulting in reuse of the same captcha to issue notifications to the administrator. Proof of Concept: Capture the newsletter subscription flow in Burp and continue with entering email & captcha until below POST form request is captured...
The vulnerability of the API of the Cisco Expressway Series and Cisco Telepresence VCS conference communication devices allows an attacker to overwrite arbitrary files on the host operating system as the root user.
The vulnerability of the API of the Cisco Expressway Series and Cisco Telepresence VCS conference communication devices relates to insufficient validation of command arguments entered by users. Exploiting this vulnerability allows a malicious actor to re-write any files on the underlying operatin...
CVE-2021-41003
Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series...
Design/Logic Flaw
The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.6, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 2 incorrectly sets default permissions for site members, which allows remote authenticated users with the site...
PT-2022-1784 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series affected versions not specified Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue is related to multiple vulnerabilities in the API and web-based management...