
4952 matches found

Kitploit
added 2017/10/07 1:54 p.m., 11 views

WebBreaker - Dynamic Application Security Test Orchestration (DASTO)

Build functional security testing into your software development and release cycles! WebBreaker provides the capabilities to automate and centrally manage Dynamic Application Security Testing (DAST) as part of your DevOps pipeline. WebBreaker truly enables all members of the Software Security...

7.7 AI score
Exploits: 0, References: 10

RedhatCVE
added 2017/10/05 8:19 a.m., 22 views

CVE-2017-14868

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension...

7.5 CVSS, 7.2 AI score, 0.02518 EPSS
Exploits: 0, References: 2

NVD
added 2017/10/05 1:29 a.m., 29 views

CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

8.5 CVSS, 8.4 AI score, 0.00758 EPSS
Exploits: 0, References: 1

OSV
added 2017/10/05 1:29 a.m., 22 views

CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

8.5 CVSS, 7.1 AI score
Exploits: 0, References: 1

CVE
added 2017/10/04 1:0 a.m., 84 views

CVE-2017-1000106

This CVE (CVE-2017-1000106) affects Jenkins Blue Ocean integration for GitHub organization folders. The root cause is that the SCM content REST API did not verify the current user’s authentication/credentials when creating or editing pipelines for repositories within a GitHub organization folder....

8.5 CVSS, 8.4 AI score, 0.00758 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2017/10/04 1:0 a.m., 34 views

CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

8.5 AI score, 0.00758 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2017/10/02 12:0 a.m., 24 views

Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability

According to its self-reported version, the Cisco IOS XE Software is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...

10 CVSS, 8.4 AI score, 0.05124 EPSS
Exploits: 0, References: 3

NVD
added 2017/09/29 1:34 a.m., 23 views

CVE-2017-12229

A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for th...

10 CVSS, 9.8 AI score, 0.05124 EPSS
Exploits: 0, References: 3

Prion
added 2017/09/29 1:34 a.m., 14 views

Authentication flaw

A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for th...

10 CVSS, 9.7 AI score, 0.05124 EPSS
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2017/09/28 7:0 a.m., 68 views

CVE-2017-12229

The CVE describes an authentication bypass in the REST API of Cisco IOS XE Web UI (versions 3.1–16.5) caused by insufficient input validation. An unauthenticated, remote attacker could bypass REST API authentication and access the web UI if the device has HTTP Server enabled. The issue affects Ci...

10 CVSS, 9.7 AI score, 0.05124 EPSS
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2017/09/28 7:0 a.m., 23 views

CVE-2017-12229

A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for th...

9.8 AI score, 0.05124 EPSS
Exploits: 0, References: 3

Cisco
added 2017/09/27 4:0 p.m., 31 views

Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability

A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for the REST A...

10 CVSS, 9.9 AI score, 0.05124 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2017/09/21 12:0 a.m., 26 views

EMC Data Protection Advisor < 6.4.130 Hardcoded Password Vulnerability

According to its self-reported version number, the EMC Data Protection Advisor running on the remote host is 6.3.x prior to 6.3 patch 67 or 6.4.x prior to 6.4 patch 130. It is, therefore, affected by a default credential vulnerability due to hardcoded passwords with the Apollo System Test,...

9.8 CVSS, 8.4 AI score, 0.02217 EPSS
Exploits: 1, References: 2

Prion
added 2017/09/20 4:29 p.m., 21 views

Cross-site request forgery (CSRF)

Cross-site request forgery in the REST API in IPython 2 and 3...

6.8 CVSS, 7 AI score, 0.01201 EPSS
Exploits: 1, References: 6, Affected Software: 2

UbuntuCve
added 2017/09/20 4:29 p.m., 22 views

CVE-2015-5607

Cross-site request forgery in the REST API in IPython 2 and 3...

8.8 CVSS, 7.2 AI score, 0.01201 EPSS
Exploits: 1, References: 3

PyPA
added 2017/09/20 4:29 p.m., 6 views

PYSEC-2017-47

Cross-site request forgery in the REST API in IPython 2 and 3...

8.8 CVSS, 7 AI score, 0.01201 EPSS
Exploits: 1, References: 7, Affected Software: 1

OSV
added 2017/09/20 4:29 p.m., 5 views

CVE-2015-5607

Cross-site request forgery in the REST API in IPython 2 and 3...

8.8 CVSS, 7.3 AI score
Exploits: 0, References: 14

OSV
added 2017/09/20 4:29 p.m., 1 views

UBUNTU-CVE-2015-5607

Cross-site request forgery in the REST API in IPython 2 and 3...

8.8 CVSS, 7.3 AI score, 0.01201 EPSS
Exploits: 1, References: 4

OSV
added 2017/09/20 4:29 p.m., 2 views

DEBIAN-CVE-2015-5607

Cross-site request forgery in the REST API in IPython 2 and 3...

8.8 CVSS, 7.9 AI score, 0.01201 EPSS
Exploits: 1, References: 1

Cvelist
added 2017/09/20 4:0 p.m., 32 views

CVE-2015-5607

Cross-site request forgery in the REST API in IPython 2 and 3...

7.3 AI score, 0.01201 EPSS
Exploits: 1, References: 6