CVE-2018-18836
Netdata CVE-2018-18836 is a JSON injection vulnerability in Netdata 1.10.0 via api/v1/data tqx parameter (web_client_api_request_v1_data in web/api/web_api_v1.c). Connected advisories indicate fixes in later Netdata releases (e.g., update to 1.31.0 per OpenSUSE/OpenSUSE-SU-2021-1603-1 and related...
CVE-2018-18837
An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c...
CVE-2018-15664
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operatio...
Design/Logic Flaw
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 accesstoken in a uri=blog&action=index&controller=blog...
UBUNTU-CVE-2014-1427
A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2...
Uber: Sensitive user information disclosure at bonjour.uber.com/marketplace/_rpc via the 'userUuid' parameter
It was possible for an attacker to insert another user’s UUID into the userUuid POST parameter when making a request to https://bonjour.uber.com/marketplace/rpc?rpc=getConsentScreenDetails, allowing them to retrieve personal data from the victim user’s account, as well as the user's mobile auth...
GHSA-FVX3-G627-PHM2 Server-Side Request Forgery (SSRF) in com.ctrip.framework.apollo:apollo
An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled...
New Relic: Full name of other accounts exposed through NR API Explorer (another workaround of #476958)
It's the gift that keeps on giving, and I've found another gift! Another way to find the full name of another New Relic user, without having them confirm their account and join your team. This time I make use of the New Relic API which pulls details for me through the /v2/users.json endpoint. Ste...
Sql injection
Pivotal Concourse version 5.0.0 contains an API that is vulnerable to SQL injection. A Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data...
CVE-2019-3792 Concourse 5.0.0 SQL Injection vulnerability
Pivotal Concourse version 5.0.0 contains an API that is vulnerable to SQL injection. A Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data...
PT-2019-19406 · Nagios · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.5.11 Description: A SQL injection issue allows attackers to execute arbitrary SQL commands via the API when using fusekeys and a malicious user id. Recommendations: For versions prior to 5.5.11, update to version...
Pivotal Software Concourse SQL Injection Vulnerability
Pivotal Software Concourse is a software delivery control system for continuous development from Pivotal Software. A SQL injection vulnerability exists in the API in Pivotal Software Concourse versions prior to 5.0.1. A remote attacker can exploit this vulnerability to read privileged data via a...
CVE-2019-10042
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication...
Belkin Wemo UPnP Remote Code Execution
This module exploits a command injection in the Belkin Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. This module has been tested on a Wemo-enabled Crock-Pot, but other Wemo devices are known to be affected, albeit on a different RPORT 49153. This module requires...
CVE-2018-18602
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring...
Authentication flaw
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API...
PYSEC-2018-11
Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross Site Request Forgery (CSRF) vulnerability in API endpoint: /api/ that can result in Task metadata such as task name, id, parameter, etc. will be leake...
CVE-2018-1000843
Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross Site Request Forgery (CSRF) vulnerability in API endpoint: /api/ that can result in Task metadata such as task name, id, parameter, etc. will be leake...
Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users
Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security...
CVE-2018-7066
CVE-2018-7066 describes an unauthenticated remote command execution in Aruba ClearPass Policy Manager via the OnConnect feature. A defect in the API used to link other network devices (configuration under CLI Settings for linked devices) could allow a remote attacker to execute arbitrary commands...