Cisco Access Control Server Representational State Transfer Application Programming Interface Denial of Service Vulnerability

A vulnerability in the Representational State Transfer REST application programming interface API of the Cisco Access Control Server ACS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to how the ACS REST API handles increased...

foreman-proxy: failure to verify SSL certificates

It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted...

Cisco WebEx Meetings Server Authentication Bypass Vulnerability

Cisco WebEx Meetings are web conferencing solutions. An authentication bypass vulnerability in the play/modules component in Cisco WebEx Meetings Server allows remote attackers to gain administrator privileges via a crafted API request...

CVE-2014-1996

Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call...

Cybozu Garoon 3 API access restriction bypass vulnerability

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability CWE-264 when using Garoon APIs. Impact A remote attacker may cause a denial-of-service DoS or execute arbitrary code. Solution Update the Software Update to the latest...

UBUNTU-CVE-2014-1736

Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value...

DEBIAN-CVE-2014-0167

The Nova EC2 API security group implementation in OpenStack Compute Nova 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for 1 addrules, 2 removerules, 3 destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

PT-2014-3512 · Openstack +1 · Openstack Compute +1

Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions 2013.1 through 2013.2.3 OpenStack Compute Nova icehouse before icehouse-rc2 Description: The issue concerns the Nova EC2 API security group implementation, which fails to enforce Role-Based Access Control RBAC...

foreman: app/controllers/api/v1/hosts_controller.rb API privilege escalation

app/controllers/api/v1/hostscontroller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request...

Scientific Linux Security Update : perl-DBD-Pg on SL5.x, SL6.x i386/x86_64 (20120725)

Perl DBI is a database access Application Programming Interface API for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially crafted database warning or error message from a server could cause...

RedHat Update for perl-DBD-Pg RHSA-2012:1116-01

Check for the Version of perl-DBD-Pg OpenVAS Vulnerability Test RedHat Update for perl-DBD-Pg RHSA-2012:1116-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

PT-2011-2779 · Cisco · Ciscoworks Common Services

Name of the Vulnerable Software and Affected Versions: CiscoWorks Common Services versions 3.3 and earlier Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the device parameter in the cwhp/device.center.do API endpoint in t...

VMware VIX API Multiple Buffer Overflow Vulnerabilities

VMware VIX, an application programming interface to manipulate virtual machines is installed on the remote host. The installed version of VMware VIX API is affected by multiple buffer overflow vulnerabilities. Successful exploitation of these issues could allow arbitrary code execution on the hos...

Microsoft Windows Speech Components sapi.dll Code Execution (MS08-032; CVE-2007-0675)

The ActiveX Speech Components sapi.dll is part of the Microsoft Speech Application Programming Interface SAPI that allows the use of speech recognition and speech synthesis within Windows applications. A remote code execution vulnerability has been reported in the ActiveX Speech Components...

Microsoft Security Bulletin MS05-040 Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)

Microsoft Security Bulletin MS05-040 Vulnerability in Telephony Service Could Allow Remote Code Execution 893756 Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

Microsoft Windows Media Services contains buffer overflow in "nsiislog.dll"

Overview Microsoft Windows Media Services provides streaming audio and video capabilities. A vulnerability in a component of this software could allow a remote attacker to compromise the server running it. Description According to Microsoft Security Bulletin MS03-022:Microsoft Windows Media...

Security update 1970-01-01

...

Security Update for Windows Server 2003 (KB893756)

A security issue has been identified in the Telephony Application Programming Interface TAPI that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this...

Security Update for Windows Server 2003 x64 Edition (KB893756)

A security issue has been identified in the Telephony Application Programming Interface TAPI that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this...

Security Update for Windows XP (KB893756)

A security issue has been identified in the Telephony Application Programming Interface TAPI that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this...