4947 matches found
CVE-2020-3567
CVE-2020-3567 affects Cisco Industrial Network Director (IND) via the management REST API. Affected versions prior to 1.9.0 (per CNVD entry) expose a vulnerability where insufficient validation of REST requests allows an authenticated, remote attacker to trigger high CPU utilization, causing a pe...
CVE-2020-3567 Cisco Industrial Network Director Denial of Service Vulnerability
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...
CVE-2020-26876
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step for course videos and materials by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types e.g.,...
Design/Logic Flaw
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step for course videos and materials by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types e.g.,...
CVE-2020-26876
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step for course videos and materials by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types e.g.,...
CVE-2020-26876
CVE-2020-26876 – WordPress WP Courses Plugin up to version 2.0.27/2.0.29 suffers an information-disclosure via the REST API. The issue stems from show_in_rest being enabled for custom post types, allowing access to private course videos and materials through endpoints like /wp-json/wp/v2/course o...
Cisco Industrial Network Director Denial of Service Vulnerability
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...
Cloud Networking Operating System (CNOS) Vulnerability - Lenovo Support US
No description provided...
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...
Design/Logic Flaw
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...
CVE-2019-4325
CVE-2019-4325 affects HCL AppScan Enterprise; root cause is the use of broken or risky cryptographic algorithms to store REST API user details. Impact and remediation details are not explicitly provided in the connected documents; refer to the CVE entry for basic score context (MEDIUM) and the ve...
CVE-2020-24404
Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete CMS pages via the REST API without authorization...
WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure
The plugin does not protect the courses which could be accessed by unauthenticated users using the REST API /wp-json/ endpoints. This could result in attackers accessing paying content without authorisation...
Brocade Fabric OS Buffer Overflow Vulnerability
Brocade Fabric OS (FOS) is a set of embedded operating systems used in devices such as switches and routers from Brocade in the United States. A buffer overflow vulnerability exists in the REST API in Brocade Fabric OS. A remote, unauthenticated attacker could exploit this vulnerability to perform ...
CVE-2020-15374
REST API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...
CVE-2020-15373
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...
CVE-2020-15373
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...
Buffer overflow
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...
Input validation
REST API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...