4936 matches found

Cvelist
added 2020/10/06 5:18 p.m. | 13 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of a broken or risky cryptographic algorithm to store REST API user details."...

AI score 5.3 | EPSS 0.00111
Exploits: 0 | References: 1

ATTACKERKB
added 2020/10/01 11:0 p.m. | 2 views

CVE-2020-24404

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization...

CVSS 5.5 | AI score 4.7 | EPSS 0.00273
Exploits: 0 | References: 2

WPVulnDB
added 2020/09/28 12:0 a.m. | 17 views

WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure

The plugin does not protect the courses, which could be accessed by unauthenticated users using the REST API /wp-json/ endpoints. This could result in attackers accessing paid content without authorisation...

CVSS 5 | AI score 3.9 | EPSS 0.37398
Exploits: 1 | References: 3 | Affected Software: 1

CNVD
added 2020/09/27 12:0 a.m. | 6 views

Brocade Fabric OS Buffer Overflow Vulnerability

Brocade Fabric OS (FOS) is a set of embedded operating systems used in devices such as switches and routers from Brocade in the United States. A buffer overflow vulnerability exists in the REST API in Brocade Fabric OS. A remote, unauthenticated attacker could exploit this vulnerability to perform ...

CVSS 9.8 | AI score 7.2 | EPSS 0.00926
Exploits: 0 | References: 1

OSV
added 2020/09/25 2:15 p.m. | 2 views

CVE-2020-15373

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...

CVSS 9.8 | AI score 7.6 | EPSS 0.00926
Exploits: 0 | References: 1

NVD
added 2020/09/25 2:15 p.m. | 7 views

CVE-2020-15374

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...

CVSS 9.8 | EPSS 0.00504
Exploits: 0 | References: 1

NVD
added 2020/09/25 2:15 p.m. | 10 views

CVE-2020-15373

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...

CVSS 9.8 | EPSS 0.00926
Exploits: 0 | References: 1

Prion
added 2020/09/25 2:15 p.m. | 9 views

Input validation

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...

CVSS 7.5 | AI score 9.3 | EPSS 0.00504
Exploits: 0 | References: 1 | Affected Software: 1

Prion
added 2020/09/25 2:15 p.m. | 7 views

Buffer overflow

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...

CVSS 7.5 | AI score 9.7 | EPSS 0.00926
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/09/25 1:11 p.m. | 13 views

CVE-2020-15374

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...

AI score 9.5 | EPSS 0.00504
Exploits: 0 | References: 1

CVE
added 2020/09/25 1:10 p.m. | 52 views

CVE-2020-15373

CVE-2020-15373 affects Brocade Fabric OS REST API; multiple buffer overflow vulnerabilities in v8.2.1–v8.2.1d and in 8.2.2 prior to 8.2.2c allow remote unauthenticated attackers to perform various attacks. Root cause: REST API buffer overflow. Impact is described as allowing varied attacks (no ex...

CVSS 9.8 | AI score 9.8 | EPSS 0.00926
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/09/25 1:10 p.m. | 12 views

CVE-2020-15373

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...

AI score 9.9 | EPSS 0.00926
Exploits: 0 | References: 1

NVD
added 2020/09/25 7:15 a.m. | 12 views

CVE-2020-15394

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

CVSS 9.8 | EPSS 0.31375
Exploits: 0 | References: 3

Prion
added 2020/09/25 7:15 a.m. | 16 views

SQL injection

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

CVSS 7.5 | AI score 9.8 | EPSS 0.31375
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2020/09/25 6:11 a.m. | 17 views

CVE-2020-15394

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

AI score 10 | EPSS 0.31375
Exploits: 0 | References: 3

OSV
added 2020/09/24 5:42 a.m. | 6 views

SUSE-SU-2020:2731-1 Security update for conmon, fuse-overlayfs, libcontainers-common, podman

This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues: podman was updated to v2.0.6 bsc1175821 - install missing systemd units for the new Rest API bsc1175957 and a few man-pages that were missing before - Drop varlink API related bits in favor of the ne...

CVSS 5.9 | AI score 6.3 | EPSS 0.00447
Exploits: 0 | References: 9

OSV
added 2020/09/23 1:15 p.m. | 1 view

DEBIAN-CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVSS 5.3 | AI score 6.1 | EPSS 0.00177
Exploits: 0 | References: 1

NVD
added 2020/09/23 1:15 p.m. | 21 views

CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVSS 5.3 | EPSS 0.00177
Exploits: 0 | References: 4

Prion
added 2020/09/23 1:15 p.m. | 23 views

Information disclosure

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVSS 4 | AI score 5.1 | EPSS 0.00177
Exploits: 0 | References: 4 | Affected Software: 4

NVD
added 2020/09/23 1:15 a.m. | 24 views

CVE-2019-16004

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVSS 6.5 | EPSS 0.00247
Exploits: 0 | References: 1