4947 matches found
CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15984 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
CVE-2019-15985
CVE-2019-15985 corresponds to multiple SQL injection vulnerabilities in Cisco Data Center Network Manager (DCNM) REST and SOAP APIs. Affected versions are DCNM prior to 11.3(1). An authenticated, remote attacker with administrative privileges can exploit insufficient input validation to execute a...
CVE-2019-15985 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
CVE-2019-15985 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
Fedora 30 : wordpress (2019-da7b49a4b1)
WordPress 5.3.2 Maintenance Release Shortly after WordPress 5.3.1 was released, a couple of high severity Trac tickets were opened. The Core team scheduled this quick maintenance release to resolve these issues. Main issues addressed in 5.3.2 : - Date/Time: Ensure that getfeedbuilddate correctly...
Fedora 31 : wordpress (2019-e16ba9e54e)
WordPress 5.3.2 Maintenance Release Shortly after WordPress 5.3.1 was released, a couple of high severity Trac tickets were opened. The Core team scheduled this quick maintenance release to resolve these issues. Main issues addressed in 5.3.2 : - Date/Time: Ensure that getfeedbuilddate correctly...
U.S. Dept Of Defense: Bypassing CORS Misconfiguration Leads to Sensitive Exposure
Hi! Security Team @deptofdefense, It's possible to get information about the users registered such as: id, name, login name, etc. without authentication in Wordpress via API on . ███████. Description: By default Wordpress allow public access to Rest API to get informations about all users...
CVE-2019-20329
OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000...
Code injection
OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000...
BuddyPress 5.0.0 - 5.1.1 - Private Data Exposure via REST API
Certain REST API requests could result in the exposure of private data...