CVE-2022-23730

The public API error causes for the attacker to be able to bypass API access... ...

Continue Reading

11 марта, 2022

CVE-2018-25031

Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI. ...

Continue Reading

11 марта, 2022

CVE-2022-25506

FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint... ...

Continue Reading

10 марта, 2022

CVE-2021-42854

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx&quo ...

Continue Reading

10 марта, 2022

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/ ...

Continue Reading

10 марта, 2022

CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not hav ...

Continue Reading

10 марта, 2022

CVE-2022-25225

Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve ...

Continue Reading

10 марта, 2022

CVE-2022-24193

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier... ...

Continue Reading

10 марта, 2022

1 75 772 75 773 75 774 75 775 75 776 75 956

Back to Main
Subscribe for the latest news: