49 matches found
B. Braun SpaceCom2 Code Issue Vulnerability
The B. Braun SpaceCom2 is a hardware device from B. Braun, Germany, designed to connect to external devices to record data in a patient data management system, PC, or USB memory stick. A security vulnerability exists in versions of the B. Braun SpaceCom2 prior to 012U000062, which allows a remote...
Synology Video Station Code Issue Vulnerability
Synology Video Station is a video management center. It can manage all movies, TV shows and home videos on Synology NAS. A server-side request forgery vulnerability exists in the Synology Video Station webapi component before 2.4.10-1632, which can be exploited by a remote authenticated attacker ...
CVE-2021-26685
A remote authenticated SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote attacker to conduct SQL injection attack...
Cisco Industrial Network Director Denial of Service Vulnerability
Cisco Industrial Network Director (IND) is an industrial automation management system from Cisco. The system achieves automation management by visualizing the industrial Ethernet infrastructure. A denial of service vulnerability exists in the management REST API in Cisco Industrial Network Director...
UBUNTU-CVE-2014-1427
A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2...
RSA Archer REST API Authorization Bypass Vulnerability
RSA Archer is an enterprise IT governance and compliance governance product. RSA Archer has an authorization bypass vulnerability in the REST API that can be exploited by an attacker to elevate privileges...
CVE-2018-13791
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter...
W3C High Resolution Time API AnC Attack Vulnerability
The W3C High Resolution Time API is a set of JavaScript interfaces that provide web applications with the current time at sub-millisecond resolution. A security vulnerability exists in the W3C High Resolution Time API. The vulnerability can be exploited by an attacker with specially...
REST API Vulnerability in Multiple F5 BIG-IQ Products
The BIG-IQ Cloud Platform provides the core services necessary for the management of application-oriented services. A security vulnerability exists in the REST API of multiple F5 BIG-IQ products, which can be exploited by a remote attacker to obtain an authentication token for any user by guessin...