6 matches found
EUVD-2020-4319
Malware in sbrugna...
CVE-2025-36034
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...
CVE-2019-13515
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information...
PT-2025-17446 · Unknown · Mojoportal
Name of the Vulnerable Software and Affected Versions: mojoPortal versions 2.9.0.1 and earlier. Description: The issue allows an attacker to perform a Directory Traversal attack via the BetterImageGallery API Controller, specifically through the ImageHandler action. This can lead to unauthorized...
GHSA-4VR8-R7QR-FPVQ Plone Privilege escalation through exposed underlying API
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API...
Updated mediawiki packages fix security vulnerability
API parameters may now be marked as "sensitive" to keep their values out of the logs (CVE-2017-0361). "Mark all pages visited" on the watchlist now requires a CSRF token (CVE-2017-0362). Special:UserLogin and Special:Search allow redirect to interwiki links (CVE-2017-0363, CVE-2017-0364). XSS in...