
4950 matches found

Vulnrichment
added 2022/12/26 12:0 a.m., 10 views

CVE-2021-44854

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis...

6.7 AI score, 0.00613 EPSS
Exploits: 0, References: 2

Debian CVE
added 2022/12/26 12:0 a.m., 45 views

CVE-2021-44854

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis...

5.3 CVSS, 4.6 AI score, 0.00613 EPSS
Exploits: 0

Wordfence Blog
added 2022/12/21 5:2 p.m., 26 views

Exploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata

In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would be provided by the server. Of course, this is not a perfect world, and vulnerabilities can be introduced unintentionally, or even found due to...

7.4 AI score
Exploits: 0

OSV
added 2022/12/20 12:30 a.m., 24 views

GHSA-54R5-WR8X-X5V3 Duplicate Advisory: Apiman has insufficient checks for read permissions

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j94p-hv25-rm5g. This link is maintained to preserve external references. Original Description Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. A...

7.1 CVSS, 6.2 AI score, 0.00604 EPSS
Exploits: 0, References: 4

GitHub Security Blog
added 2022/12/20 12:30 a.m., 31 views

Duplicate Advisory: Apiman has insufficient checks for read permissions

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j94p-hv25-rm5g. This link is maintained to preserve external references. Original Description Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. A...

6.5 CVSS, 6.8 AI score, 0.00604 EPSS
Exploits: 0, References: 5, Affected Software: 1

NVD
added 2022/12/20 12:15 a.m., 25 views

CVE-2022-47551

Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...

6.5 CVSS, 0.00604 EPSS
Exploits: 0, References: 2

F5 Networks
added 2022/12/19 10:5 p.m., 79 views

K08402414: BIG-IP ASM and Advanced WAF REST API endpoint vulnerability CVE-2022-23026

Security Advisory Description An authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource utilization. CVE-2022-23026 Impact An authenticated user with low privileges, such as a guest, may exploit this...

4.3 CVSS, 4.7 AI score, 0.00739 EPSS
Exploits: 0, Affected Software: 2

Vulnrichment
added 2022/12/19 12:0 a.m., 6 views

CVE-2022-47551

Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...

6.7 AI score, 0.00604 EPSS
Exploits: 0, References: 2

Cvelist
added 2022/12/19 12:0 a.m., 36 views

CVE-2022-47551

Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...

6.6 AI score, 0.00604 EPSS
Exploits: 0, References: 2

NVD
added 2022/12/14 7:15 p.m., 34 views

CVE-2022-31702

vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication...

9.8 CVSS, 0.01609 EPSS
Exploits: 0, References: 1

Prion
added 2022/12/14 7:15 p.m., 31 views

Command injection

vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication...

7.5 CVSS, 9.7 AI score, 0.01609 EPSS
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2022/12/14 12:0 a.m., 4 views

PT-2022-5842 · Vmware · Vrealize Network Insight

Name of the Vulnerable Software and Affected Versions: vRealize Network Insight vRNI affected versions not specified Description: The issue is related to a command injection vulnerability in the vRNI REST API. This vulnerability allows a malicious actor with network access to the vRNI REST API to...

10 CVSS, 9.7 AI score, 0.01609 EPSS
Exploits: 0, References: 7

Vulnrichment
added 2022/12/14 12:0 a.m., 9 views

CVE-2022-31702

vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication...

8 AI score, 0.01609 EPSS
Exploits: 0, References: 1

CNNVD
added 2022/12/14 12:0 a.m., 4 views

VMware vRealize Network Insight Command Injection Vulnerability

VMware vRealize Network Insight is a tool from VMware, Inc. that helps customers build optimized, highly available and secure network infrastructures across multi-cloud environments. A security vulnerability exists in VMware vRealize Network Insight that stems from its vRNI REST API that allows...

9.8 CVSS, 8.5 AI score, 0.01609 EPSS
Exploits: 0, References: 4

CVE
added 2022/12/14 12:0 a.m., 92 views

CVE-2022-31702

CVE-2022-31702 affects VMware vRealize Network Insight (vRNI) via a command injection vulnerability in the vRNI REST API. The issue allows a remote attacker with network access to the REST API to execute commands without authentication, potentially leading to remote code execution. Connected sour...

9.8 CVSS, 9.6 AI score, 0.01609 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/12/14 12:0 a.m., 40 views

CVE-2022-31702

vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication...

10 AI score, 0.01609 EPSS
Exploits: 0, References: 1

WPVulnDB
added 2022/12/12 12:0 a.m., 16 views

WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API

The plugin does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users PoC When the "Block access to users' data via REST API" settings is enabled...

5.3 CVSS, 2.9 AI score, 0.00671 EPSS
Exploits: 2, Affected Software: 1

wpexploit
added 2022/12/12 12:0 a.m., 590 views

WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API

The plugin does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users When the "Block access to users' data via REST API" settings is enabled...

5.3 CVSS, 1.5 AI score, 0.00671 EPSS
Exploits: 2

VMware
added 2022/12/11 12:0 a.m., 45 views

VMSA-2022-0031: VMware vRealize Network Insight (vRNI) updates address command injection and directory traversal security vulnerabilities

Advisory ID: VMSA-2022-0031 CVSSv3 Range: 7.5-9.8 Issue Date: 2022-12-13 Updated On: 2022-12-13 Initial Advisory CVEs: CVE-2022-31702, CVE-2022-31703 Synopsis: VMware vRealize Network Insight vRNI updates address command injection and directory traversal security vulnerabilities CVE-2022-31702,...

9.8 CVSS, 9.5 AI score, 0.01792 EPSS
Exploits: 0, References: 19, Affected Software: 1

RedHat Linux
added 2022/12/07 8:28 p.m., 38 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (openstack-barbican) security update

An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.1.9 Train for Red Hat Enterprise Linux RHEL 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

8.1 CVSS, 6.5 AI score, 0.00981 EPSS
Exploits: 0, References: 6