Lucene search
K

16 matches found

CVE
CVE
added 2026/03/25 12:0 a.m.12 views

CVE-2025-32991

N2WS Backup & Recovery (before 4.4.0) is affected by a two‑step attack against its RESTful API that leads to remote code execution. The available documents describe the vulnerability at a high level without detailing exploit vectors, affected modules, or versions beyond the 4.4.0 threshold. No re...

9CVSS6.1AI score0.00339EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 a.m.7 views

CVE-2019-1010250

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

5.5CVSS7AI score0.01059EPSS
Exploits1References1
OSV
OSV
added 2021/05/19 7:15 p.m.3 views

CVE-2021-25644

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators...

7.5CVSS7.1AI score0.00638EPSS
Exploits0References2
NVD
NVD
added 2019/07/18 6:15 p.m.39 views

CVE-2019-1010250

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

5.5CVSS5.2AI score0.01059EPSS
Exploits1References2
NVD
NVD
added 2019/07/18 6:15 p.m.20 views

CVE-2019-1010249

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The attack...

5.5CVSS5.2AI score0.01059EPSS
Exploits1References2
Prion
Prion
added 2019/07/18 6:15 p.m.15 views

Integer overflow

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The attack...

5.5CVSS5.2AI score0.01059EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/07/18 6:15 p.m.20 views

Input validation

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

5.5CVSS5.2AI score0.01059EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/07/18 5:53 p.m.23 views

CVE-2019-1010249

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The attack...

5.2AI score0.01059EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/07/18 5:51 p.m.24 views

CVE-2019-1010250

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

5.2AI score0.01059EPSS
Exploits1References2
NVD
NVD
added 2018/06/22 10:29 p.m.19 views

CVE-2018-7682

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains...

6.5CVSS6.4AI score0.0084EPSS
Exploits0References1
CVE
CVE
added 2018/06/22 10:0 p.m.36 views

CVE-2018-7682

Micro Focus Solutions Business Manager (SBM) prior to version 11.4 is affected by a cross-domain call vulnerability affecting SBM RESTful services. The CVE entry notes that an attacker could invoke SBM RESTful endpoints across domains, implying potential information exposure or unintended access ...

6.5CVSS6.3AI score0.0084EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/13 11:29 p.m.5 views

CVE-2018-12354

Knowage formerly SpagoBI 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request...

8.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2018/06/07 2:29 a.m.11 views

Directory traversal

censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

5CVSS7.5AI score0.02005EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/08/02 9:29 p.m.3 views

CVE-2017-11388

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638...

8.8CVSS5.9AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/11/19 4:0 a.m.23 views

Low: Red Hat Security Advisory: rest security update

Updated rest packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CV...

7.5CVSS7AI score0.03468EPSS
Exploits0References3
Fedora
Fedora
added 2015/04/18 9:43 a.m.31 views

[SECURITY] Fedora 20 Update: rest-0.7.93-1.fc20

This library was designed to make it easier to access web services that claim to be "RESTful". A RESTful service should have urls that represent remote objects, which methods can then be called on. The majority of servic es don't actually adhere to this strict definition. Instead, their RESTful e...

7.5CVSS1.4AI score0.03468EPSS
Exploits0
Rows per page
Query Builder