CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Wallarm Lab•added 2018/09/20 3:41 a.m.•66 views

Wallarm NG-WAF is Now a Part of Kong Hub to Provide Better Protection for Microservices, APIs and…

Wallarm NG-WAF is Now a Part of Kong Hub to Provide Better Protection for Microservices, APIs and Serverless Thousands of companies from startups to Fortune 500 enterprises use Kong as their API gateway. With a blazingly fast performance, it comes with a perfect feature set for everyone who manag...

7.6AI score

n0where•added 2018/09/05 4:19 p.m.•19 views

CLI for Ephemeral Penetration Testing: hideNsneak

1.2AI score

Symantec•added 2018/06/12 12:0 a.m.•54 views

OpenSSL CVE-2018-0732 Denial of Service Vulnerability

Description OpenSSL is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project OpenSSL 1.0.2a OpenSSL Project OpenSSL 1.0.2b OpenSSL Project OpenSSL 1.0.2c OpenSSL...

5CVSS0.9AI score0.78382EPSS

Exploits0References2Affected Software28

Akamai Blog•added 2018/05/30 4:0 a.m.•11 views

Demystifying API Rate Limiting

APIs are the “digital glue” that integrates and connects infrastructure, services, devices, and users. With the proliferation of APIs in almost every organization, it‘s essential to have a mechanism in place to manage and govern them. That’s why we introduced Akamai API Gateway, which makes it...

6.8AI score

OSV•added 2018/05/17 3:29 a.m.•2 views

CVE-2018-0271

A vulnerability in the API gateway of the Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could...

9.8CVSS5.8AI score0.03002EPSS

Exploits0References2

NVD•added 2018/05/17 3:29 a.m.•20 views

CVE-2018-0271

9.8CVSS9.8AI score0.03002EPSS

Exploits0References2

Prion•added 2018/05/17 3:29 a.m.•15 views

Authentication flaw

7.5CVSS9.6AI score0.03002EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2018/05/17 3:0 a.m.•10 views

CVE-2018-0271

7.6AI score0.03002EPSS

Exploits0References2

Cisco•added 2018/05/16 4:0 p.m.•43 views

Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

10CVSS1.5AI score0.03002EPSS

Imperva Blog•added 2017/08/15 3:30 p.m.•149 views

How to Protect AWS API Gateway with SecureSphere WAF

Serverless architectures are becoming more and more popular, and Amazon’s API Gateway service is a key factor in many serverless deployments on AWS. Currently API Gateway only supports a public CloudFront endpoint, and securing the API Gateway with high-end WAF protection may seem like a difficul...

6.9AI score

OSV•added 2017/04/24 7:59 p.m.•1 views

CVE-2017-3601

Vulnerability in the Oracle API Gateway component of Oracle Fusion Middleware subcomponent: Oracle API Gateway. The supported version that is affected is 11.1.2.4.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle API Gateway...

8.1CVSS5.8AI score0.01381EPSS

NVD•added 2017/04/24 7:59 p.m.•15 views

CVE-2017-3601

8.8CVSS7.3AI score0.01381EPSS

Prion•added 2017/04/24 7:59 p.m.•15 views

Design/Logic Flaw

8.8CVSS7.2AI score0.01381EPSS

Exploits0References3Affected Software1

CVE•added 2017/04/24 7:0 p.m.•51 views

CVE-2017-3601

CVE-2017-3601 affects Oracle Fusion Middleware's Oracle API Gateway (subcomponent Oracle API Gateway), specifically version 11.1.2.4.0. The vulnerability is exploitable over a network via HTTP and can be triggered by an unauthenticated attacker, with user interaction required for exploitation. Su...

8.8CVSS7.8AI score0.01381EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2017/04/24 7:0 p.m.•9 views

CVE-2017-3601

6.8AI score0.01381EPSS

Cvelist•added 2017/04/24 7:0 p.m.•22 views

CVE-2017-3601

7.3AI score0.01381EPSS

Packet Storm•added 2017/04/04 12:0 a.m.•93 views

Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal

https://www.osisecurity.com.au/computer-associates-api-gateway-crlf-response-splitting-directory-traversal-vulnerabilities.html Date: 04-Apr-2017 Product: Computer Associates Layer7 API Gateway Versions affected: v7, v8, v9 Vulnerabilities: 1 CRLF Response Splitting...

7.4AI score

Symantec•added 2016/10/17 12:0 a.m.•43 views

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability

Description Novell NetIQ Sentinel is prone to a security vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Novell NetIQ Sentinel version 7.4x are vulnerable. Technologies Affected Apache Commons FileUpload 1.0...

7.5CVSS0.8AI score0.56432EPSS

Exploits0References2Affected Software50

OSV•added 2016/04/06 1:59 a.m.•1 views

CVE-2016-3118

CRLF injection vulnerability in CA API Gateway formerly Layer7 API Gateway 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors...

6.5CVSS5.8AI score0.00224EPSS