Lucene search
K

185 matches found

OSV
OSV
added 2018/12/19 5:53 p.m.5 views

DRUPAL-CONTRIB-2018-081

This module provides a JSON:API specification-compliant HTTP API for accessing and manipulating Drupal content and configuration entities. The module doesn't sufficiently check access when responding to certain filtered collection requests, thereby causing an access bypass vulnerability. This mea...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2018/10/22 12:53 p.m.452 views

PatrOwl - Open Source, Free And Scalable Security Operations Orchestration Platform

PatrOwl is a scalable, free and open-source solution for orchestrating Security Operations. PatrowlManager is the Front-end application for managing the assets, reviewing risks on real-time, orchestrating the operations scans, searches, API calls, ..., aggregating the results, relaying alerts on...

7.4AI score
Exploits0References3
seebug.org
seebug.org
added 2018/05/18 12:0 a.m.175 views

Claymore Dual Miner Remote Code Execution(CVE-2018-1000049)

Hello everybody, today I will show you how I found a Remote Code Execution vulnerability on popular Claymore Dual Miner developed by nanopool which you can download from GitHub here. Before continuing to read I want to clarify that I already emailed nanopool without receiving any kind or response...

6CVSS8AI score0.77297EPSS
Exploits7
OSV
OSV
added 2018/03/21 4:59 p.m.3 views

DRUPAL-CONTRIB-2018-016

This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities. The module doesn't sufficiently check access when viewing related resources or relationships, thereby causing an access bypass vulnerability. This vulnerability is...

6.7AI score
Exploits0References1
0day.today
0day.today
added 2018/02/03 12:0 a.m.51 views

Claymore Dual GPU Miner 10.5 Format String Vulnerability

Exploit for multiple platform in category remote exploits Claymore Dual Gpu Miner = 10.5 Format Strings Vulnerability ======================================================================= product: Claymore's Dual Miner vulnerable version: = 10.5 fixed version: 10.6 CVE number: - CVE-2018a6317...

6.4CVSS9.1AI score0.44306EPSS
Exploits3
Fedora
Fedora
added 2017/12/09 10:28 p.m.35 views

[SECURITY] Fedora 26 Update: couchdb-1.7.1-3.fc26

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

10CVSS2.7AI score0.99838EPSS
Exploits21
CVE
CVE
added 2016/10/07 2:0 p.m.62 views

CVE-2016-7040

CVE-2016-7040 affects Red Hat CloudForms Management Engine (CFME) 4.1. A input-validation flaw in how CFME handles regular expressions passed to the expression engine via the JSON API and the web UI allows remote authenticated users to execute arbitrary shell commands by viewing/filtering collect...

9CVSS8.8AI score0.02256EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/10/07 2:0 p.m.35 views

CVE-2016-7040

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections...

8.9AI score0.02256EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/10/04 2:26 p.m.34 views

Important: Red Hat Security Advisory: CFME 4.1 bug fixes and enhancement update

Updated cfme packages that fix bugs and add various enhancements are now available for Red Hat CloudForms 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9CVSS7.6AI score0.02256EPSS
Exploits0References145
NVD
NVD
added 2016/08/03 1:59 a.m.25 views

CVE-2016-5668

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call...

9.8CVSS9.6AI score0.0443EPSS
Exploits0References2
Prion
Prion
added 2016/08/03 1:59 a.m.25 views

Authentication flaw

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call...

7.5CVSS7.7AI score0.0443EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/08/03 1:0 a.m.27 views

CVE-2016-5668

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call...

9.7AI score0.0443EPSS
Exploits0References2
CVE
CVE
added 2016/08/03 1:0 a.m.42 views

CVE-2016-5668

CVE-2016-5668 affects Crestron DM-TXRX-100-STR devices running firmware before 1.3039.00040. The vulnerability is an authentication bypass in the device’s web management interface, where a JSON API call can modify device settings without authentication (Missing Authentication for Critical Functio...

9.8CVSS9.5AI score0.0443EPSS
Exploits0References2Affected Software1
Vulnerability Lab
Vulnerability Lab
added 2016/08/01 12:0 a.m.157 views

Docebo LMS 6.9 - (Moxie) API Calls RST RCE Vulnerability

Document Title: =============== Docebo LMS 6.9 - Moxie API Calls RST RCE Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1888 Video: http://www.vulnerability-lab.com/getcontent.php?id=1892 Release Date: ============= 2016-08-01 Vulnerabilit...

7.4AI score
Exploits0
n0where
n0where
added 2015/06/22 10:0 p.m.33 views

SQLMap Web Front End

PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...

0.8AI score
Exploits0References2
Fedora
Fedora
added 2014/12/12 4:3 a.m.77 views

[SECURITY] Fedora 20 Update: couchdb-1.6.1-4.fc20

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

6.1CVSS2.7AI score0.18351EPSS
Exploits1
Fedora
Fedora
added 2014/07/22 3:33 a.m.25 views

[SECURITY] Fedora 20 Update: couchdb-1.6.0-9.fc20

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

5CVSS2.7AI score0.22289EPSS
Exploits1
securityvulns
securityvulns
added 2013/10/09 12:0 a.m.68 views

SEC Consult SA-20131004-0 :: SQL injection vulnerability in Zabbix

SEC Consult Vulnerability Lab Security Advisory 20131004-0 ======================================================================= title: SQL injection vulnerability product: Zabbix vulnerable version: =2.0.8 fixed version: 2.0.9rc1 CVE number: CVE-2013-5743 impact: critical homepage:...

0.79988EPSS
Exploits9
OpenVAS
OpenVAS
added 2013/02/04 12:0 a.m.24 views

Fedora Update for couchdb FEDORA-2013-1375

Check for the Version of couchdb OpenVAS Vulnerability Test Fedora Update for couchdb FEDORA-2013-1375 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS6.4AI score0.06558EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2012/08/03 12:0 a.m.23 views

Liferay JSON Server API Authentication

============================================= - Release date: August 3rd, 2012 - Discovered by: Danilo Massa & Enrico Cinquini - Severity: High ============================================= I. VULNERABILITY ------------------------- Liferay JSON service API authentication vulnerability II...

0.2AI score
Exploits0
Rows per page
Query Builder