CVE-2020-15374

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input...

CVE-2020-15373

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks...

CVE-2020-15373

CVE-2020-15373 affects Brocade Fabric OS REST API; multiple buffer overflow vulnerabilities in v8.2.1–v8.2.1d and in 8.2.2 prior to 8.2.2c allow remote unauthenticated attackers to perform various attacks. Root cause: REST API buffer overflow. Impact is described as allowing varied attacks (no ex...

CVE-2020-15394

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

Sql injection

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

CVE-2020-15394

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution...

SUSE-SU-2020:2731-1 Security update for conmon, fuse-overlayfs, libcontainers-common, podman

This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues: podman was updated to v2.0.6 bsc1175821 - install missing systemd units for the new Rest API bsc1175957 and a few man-pages that where missing before - Drop varlink API related bits in favor of the ne...

CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

DEBIAN-CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

Information disclosure

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

CVE-2019-16004

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

Authentication flaw

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

CVE-2019-16004

CVE-2019-16004 affects Cisco Vision Dynamic Signage Director; REST API endpoints permit an unauthenticated remote attacker to bypass authentication due to missing authentication on some API calls. Impact: attacker could interact with parts of the API. Affected software versions include releases p...

CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20200219-dcnm-priv-esc)

According to its self-reported version, Cisco Data Center Network Manager is prior to version 11.31 and is, therefore, affected by a privilege escalation vulnerability in the REST API endpoint due to insufficient access control validation. An authenticated, remote attacker could exploit this...

powerdns -- Leaking uninitialised memory through crafted zone records

PowerDNS Team reports CVE-2020-17482: An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via...

Cisco Data Center Network Manager Command Injection (cisco-sa-20200102-dcnm-comm-inject)

According to its self-reported version, Cisco Data Center Network Manager is affected by a command injection vulnerability in the REST and SOAP API endpoints due to a failure to properly validate user-supplied input. An authenticated, remote attacker with administrative privileges can exploit thi...

BSA-2020-1082

Security Advisory ID : BSA-2020-1082 Component : REST API Revision : 2.0 Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. Note:...