Authentication flaw
A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...
CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability
A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...
CVE-2019-16004
CVE-2019-16004 affects Cisco Vision Dynamic Signage Director; REST API endpoints permit an unauthenticated remote attacker to bypass authentication due to missing authentication on some API calls. Impact: attacker could interact with parts of the API. Affected software versions include releases p...
CVE-2020-14370
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...
powerdns -- Leaking uninitialised memory through crafted zone records
PowerDNS Team reports CVE-2020-17482: An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via...
Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20200219-dcnm-priv-esc)
According to its self-reported version, Cisco Data Center Network Manager is prior to version 11.31 and is, therefore, affected by a privilege escalation vulnerability in the REST API endpoint due to insufficient access control validation. An authenticated, remote attacker could exploit this...
Cisco Data Center Network Manager Command Injection (cisco-sa-20200102-dcnm-comm-inject)
According to its self-reported version, Cisco Data Center Network Manager is affected by a command injection vulnerability in the REST and SOAP API endpoints due to a failure to properly validate user-supplied input. An authenticated, remote attacker with administrative privileges can exploit thi...
BSA-2020-1084
Security Advisory ID: BSA-2020-1084. Component: Rest API. Revision: 2.0. Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. Note: Brocade Fabric OS versions before v8.2.1 are not affected. Rest API is...
BSA-2020-1082
Security Advisory ID: BSA-2020-1082. Component: REST API. Revision: 2.0. Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. Note:...
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...
Authorization
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...
CVE-2020-3478
CVE-2020-3478 affects Cisco Enterprise NFV Infrastructure Software (NFVIS). The REST API vulnerability arises from insufficient authorization enforcement, allowing an authenticated remote attacker to upload a file via the REST API and overwrite restricted files, potentially degrading system funct...
CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...
Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...
Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-patrav-pW9RkhyW)
According to its self-reported version, Cisco Data Center Network Manager is affected by a vulnerability in a specific REST API method due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, by sending a crafted request to the API, in order to...
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
CVE-2020-3521
A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker...
Path traversal
A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...