4960 matches found

OSV
added 2020/09/23 1:15 p.m. | 4 views

DEBIAN-CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVSS 5.3 | AI score 6.1 | EPSS 0.01402
Exploits 0 | References 1

Prion
added 2020/09/23 1:15 p.m. | 24 views

Information disclosure

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVSS 4 | AI score 5.1 | EPSS 0.01402
Exploits 0 | References 4 | Affected Software 4

NVD
added 2020/09/23 1:15 a.m. | 26 views

CVE-2019-16004

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVSS 6.5 | EPSS 0.01027
Exploits 0 | References 1

Prion
added 2020/09/23 1:15 a.m. | 14 views

Authentication flaw

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVSS 6.4 | AI score 6.6 | EPSS 0.01027
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/09/23 12:26 a.m. | 27 views

CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVSS 6.5 | AI score 6.7 | EPSS 0.01027
Exploits 0 | References 1

Vulnrichment
added 2020/09/23 12:26 a.m. | 10 views

CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVSS 6.5 | AI score 7.2 | EPSS 0.01027
Exploits 0 | References 1

CVE
added 2020/09/23 12:26 a.m. | 60 views

CVE-2019-16004

CVE-2019-16004 affects Cisco Vision Dynamic Signage Director; REST API endpoints permit an unauthenticated remote attacker to bypass authentication due to missing authentication on some API calls. Impact: attacker could interact with parts of the API. Affected software versions include releases p...

CVSS 6.5 | AI score 6.6 | EPSS 0.01027
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/09/23 12:0 a.m. | 32 views

CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

AI score 5.3 | EPSS 0.01402
Exploits 0 | References 4

FreeBSD
added 2020/09/22 12:0 a.m. | 28 views

powerdns -- Leaking uninitialised memory through crafted zone records

PowerDNS Team reports CVE-2020-17482: An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via...

CVSS 4.3 | AI score 2.6 | EPSS 0.02561
Exploits 0 | References 1

Tenable Nessus
added 2020/09/22 12:0 a.m. | 27 views

Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20200219-dcnm-priv-esc)

According to its self-reported version, Cisco Data Center Network Manager is prior to version 11.31 and is, therefore, affected by a privilege escalation vulnerability in the REST API endpoint due to insufficient access control validation. An authenticated, remote attacker could exploit this...

CVSS 8.8 | AI score 8 | EPSS 0.01452
Exploits 0 | References 3

Tenable Nessus
added 2020/09/17 12:0 a.m. | 44 views

Cisco Data Center Network Manager Command Injection (cisco-sa-20200102-dcnm-comm-inject)

According to its self-reported version, Cisco Data Center Network Manager is affected by a command injection vulnerability in the REST and SOAP API endpoints due to a failure to properly validate user-supplied input. An authenticated, remote attacker with administrative privileges can exploit thi...

CVSS 9 | AI score 7.7 | EPSS 0.37458
Exploits 9 | References 5

Broadcom
added 2020/09/08 12:0 a.m. | 20 views

BSA-2020-1084

Security Advisory ID : BSA-2020-1084 Component : Rest API Revision : 2.0 Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. Note: Brocade Fabric OS versions before v8.2.1 are not affected. Rest API is...

CVSS 9.8 | AI score 7.4 | EPSS 0.01224
Exploits 0

Broadcom
added 2020/09/08 12:0 a.m. | 22 views

BSA-2020-1082

Security Advisory ID : BSA-2020-1082 Component : REST API Revision : 2.0 Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. Note:...

CVSS 7.2 | AI score 10 | EPSS 0.02367
Exploits 0

NVD
added 2020/09/04 3:15 a.m. | 13 views

CVE-2020-3478

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

CVSS 8.1 | AI score 8.1 | EPSS 0.01213
Exploits 0 | References 1

Prion
added 2020/09/04 3:15 a.m. | 13 views

Authorization

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

CVSS 5.5 | AI score 7.9 | EPSS 0.01213
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/09/04 2:25 a.m. | 16 views

CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

CVSS 8.1 | AI score 8.1 | EPSS 0.01213
Exploits 0 | References 1

Vulnrichment
added 2020/09/04 2:25 a.m. | 14 views

CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

CVSS 8.1 | AI score 6.9 | EPSS 0.01213
Exploits 0 | References 1

CVE
added 2020/09/04 2:25 a.m. | 45 views

CVE-2020-3478

CVE-2020-3478 affects Cisco Enterprise NFV Infrastructure Software (NFVIS). The REST API vulnerability arises from insufficient authorization enforcement, allowing an authenticated remote attacker to upload a file via the REST API and overwrite restricted files, potentially degrading system funct...

CVSS 8.1 | AI score 8.1 | EPSS 0.01213
Exploits 0 | References 1 | Affected Software 1

Cisco
added 2020/09/02 4:0 p.m. | 27 views

Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

CVSS 8.1 | AI score 8.1 | EPSS 0.01213
Exploits 0 | References 1

Tenable Nessus
added 2020/09/01 12:0 a.m. | 22 views

Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-patrav-pW9RkhyW)

According to its self-reported version, Cisco Data Center Network Manager is affected by a vulnerability in a specific REST API method due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, by sending a crafted request to the API, in order to...

CVSS 8.1 | AI score 6.6 | EPSS 0.00969
Exploits 0 | References 3