
4960 matches found

CVE
added 2021/02/04 4:35 p.m. | 48 views

CVE-2021-1266

CVE-2021-1266 affects Cisco Managed Services Accelerator (MSX). The REST API vulnerability arises from how the software logs certain API requests, which an authenticated, remote attacker can exploit by sending a flood of crafted API requests, potentially causing a DoS on the affected device. Conn...

CVSS 6.8 | AI score 5.1 | EPSS 0.0114
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/02/04 4:35 p.m. | 16 views

CVE-2021-1266 Cisco Managed Services Accelerator Denial of Service Vulnerability

A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

CVSS 4.3 | AI score 6.6 | EPSS 0.0114
Exploits: 0 | References: 1
Atlassian
added 2021/02/04 1:15 a.m. | 82 views

Custom field options are exposed via an unauthenticated REST API endpoint - CVE-2020-36237

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0. Affected versions: version...

CVSS 5.3 | AI score 5.8 | EPSS 0.01244
Exploits: 0 | Affected Software: 1
CNVD
added 2021/02/04 12:00 a.m. | 6 views

Cisco Managed Services Accelerator Denial of Service Vulnerability

Cisco Managed Services Accelerator (MSX) is a multi-tenant, multi-service, cloud-native service creation and delivery platform that enables service providers to quickly, easily, and cost-effectively develop and deliver hosted services to enterprise customers. A denial of service vulnerability exist...

CVSS 6.8 | AI score 6.6 | EPSS 0.0114
Exploits: 0 | References: 1
NVD
added 2021/02/03 4:15 p.m. | 15 views

CVE-2020-25208

In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions...

CVSS 5.3 | EPSS 0.01355
Exploits: 0 | References: 2
Prion
added 2021/02/03 4:15 p.m. | 20 views

Design/Logic Flaw

In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions...

CVSS 5 | AI score 5.3 | EPSS 0.01355
Exploits: 0 | References: 2 | Affected Software: 1
Cisco
added 2021/02/03 4:00 p.m. | 41 views

Cisco Managed Services Accelerator Denial of Service Vulnerability

A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

CVSS 4.3 | AI score 2.8 | EPSS 0.0114
Exploits: 0 | References: 1
CVE
added 2021/02/03 3:27 p.m. | 56 views

CVE-2020-25208

Summary: CVE-2020-25208 affects YouTrack prior to 2020.4.4701, where an attacker could enumerate users via the REST API without proper permissions. Affected product/component: JetBrains YouTrack (web-based bug tracking/project management tool). Root cause / vulnerability type: Inadequate access c...

CVSS 5.3 | AI score 5.3 | EPSS 0.01355
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2021/02/03 3:27 p.m. | 21 views

CVE-2020-25208

In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions...

AI score 6.4 | EPSS 0.01355
Exploits: 0 | References: 2
Tenable Nessus
added 2021/02/03 12:00 a.m. | 31 views

RHEL 8 : RHV-M (ovirt-engine) 4.4.z security, upd[ovirt-4.4.4] 0-day (Moderate) (RHSA-2021:0383)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0383 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and...

CVSS 6.5 | AI score 6.7 | EPSS 0.00754
Exploits: 0 | References: 8
RedHat Linux
added 2021/02/02 1:58 p.m. | 31 views

Moderate: Red Hat Security Advisory: RHV-M (ovirt-engine) 4.4.z security, bug fix, enhancement upd[ovirt-4.4.4] 0-day

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

CVSS 6.5 | AI score 6.6 | EPSS 0.00754
Exploits: 0 | References: 5
RedHat Linux
added 2021/02/02 1:57 p.m. | 60 views

Low: Red Hat Security Advisory: RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4]

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

CVSS 7.5 | AI score 6.7 | EPSS 0.17611
Exploits: 0 | References: 16
CNNVD
added 2021/02/02 12:00 a.m. | 3 views

Traccar Code Issues Vulnerabilities

Traccar is a Java-based platform from the US company Traccar for building GPS tracking systems. The software supports more than 170 GPS protocols and more than 1500 models of GPS tracking devices. Traccar can be used with any major SQL database system. It al...

CVSS 6.3 | AI score 6.7 | EPSS 0.00393
Exploits: 0 | References: 4
OSV
added 2021/01/29 6:13 p.m. | 31 views

GHSA-32WX-4GXX-H48F Users can edit the tags of any discussion

This advisory concerns a vulnerability which was patched and publicly released on October 5, 2020. Impact: This vulnerability allowed any registered user to edit the tags of any discussion for which they have READ access using the REST API. Users were able to remove any existing tag, and add any t...

AI score 7.3
Exploits: 0 | References: 5
Github Security Blog
added 2021/01/29 6:13 p.m. | 36 views

Users can edit the tags of any discussion

This advisory concerns a vulnerability which was patched and publicly released on October 5, 2020. Impact: This vulnerability allowed any registered user to edit the tags of any discussion for which they have READ access using the REST API. Users were able to remove any existing tag, and add any t...

AI score 0.9
Exploits: 0 | References: 6 | Affected Software: 1
Tenable Nessus
added 2021/01/28 12:00 a.m. | 21 views

Cisco Data Center Network Manager SQL Injection Vulnerabilities (cisco-sa-dcnm-sql-inj-OAQOObP)

The version of Cisco Data Center Network Manager (DCNM) installed on the remote host is affected by multiple SQL injection vulnerabilities in certain REST API endpoints. An authenticated, remote attacker can exploit this, by supplying crafted input, in order to execute arbitrary SQL commands on an...

CVSS 8.8 | AI score 8.1 | EPSS 0.01901
Exploits: 0 | References: 5
Tenable Nessus
added 2021/01/25 12:00 a.m. | 17 views

VMware vCenter REST API Data Collection

Binary data vmwarevcenterrestcollect.nbin...

AI score 7.3
Exploits: 0
CNVD
added 2021/01/21 12:00 a.m. | 7 views

Cisco Data Center Network Manager SQL Injection Vulnerability (CNVD-2021-09940)

Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SQL injection vulnerability exists in the REST API endpoint of Cisco Data Center...

CVSS 8.8 | AI score 7.8 | EPSS 0.01901
Exploits: 0 | References: 1
CNVD
added 2021/01/21 12:00 a.m. | 6 views

Cisco Data Center Network Manager SQL Injection Vulnerability (CNVD-2021-09306)

Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SQL injection vulnerability exists in the REST API endpoint of Cisco Data Center...

CVSS 8.8 | AI score 7.8 | EPSS 0.01885
Exploits: 0 | References: 1
CNVD
added 2021/01/21 12:00 a.m. | 5 views

Cisco Data Center Network Manager Path Traversal Vulnerability (CNVD-2021-09308)

Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A path traversal vulnerability exists in one of the REST API endpoints in Cisco Da...

CVSS 5.5 | AI score 6.8 | EPSS 0.00668
Exploits: 0 | References: 1