CVE-2010-0633

Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API XAPI calls via unknown vectors...

CVE-2022-22770

The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and...

TIBCO Security Advisory: February 15, 2022 - TIBCO AuditSafe -2022-22770

TIBCO AuditSafe API Authentication vulnerability Original release date: February 15, 2022 Lastrevised: --- CVE-2022-22770 Source: TIBCOSoftware Inc. Products Affected TIBCO AuditSafe versions 1.1.0 and below The following component is affected: Web Server Description The component listed above...

Knowage 跨站脚本漏洞

Knowage is a suite of open source tools for modern business analytics. A cross-site scripting vulnerability exists in Knowage versions prior to 7.4, which can be exploited by an attacker to inject arbitrary external scripts in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBIHOST'...

CVE-2020-10148

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds...

The vulnerability of the PHP interpreter allows attackers to execute arbitrary code.

The vulnerability of the zendthroworerror function in the Zend/zendexecuteAPI.c module of the PHP interpreter is related to the use of an uncontrolled format string. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by using format string parameters that involv...