MOXA TN-5900 授权问题漏洞

MOXA TN-5900 is a series of industrial firewall routers from China MOXA. An authentication error vulnerability exists in the MOXA TN-5900 prior to version v3.3, which stems from insufficient authentication measures implemented in the Web API handler, and can be exploited by an attacker to cause a...

CVE-2021-21568

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISIPRIVLOGINPAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change...

Gatecoin: API request signature can be reused with other parameters/data than the original in certain cases

If an attacker can intercept/see an API-request from a client who has a system-clock that is slightly ahead of the server time then the attacker can re-use the API request-signature towards the same URL but with a different payload. This can for some of the endpoint lead to serious vulnerabilitie...

CVE-2015-5838

SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app...