API - API Security Blog

Denial Of Service (DOS)

Mofh is vulnerable to Denial of Service. The vulnerability is due to improper restriction of XML external entity reference when parsing API call responses. If the `api_url` parameter is unchanged, the ...

15 августа, 2022

CVE-2022-38368

An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands.R ...

15 августа, 2022

CVE-2020-21642

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.Read More ...

15 августа, 2022

Security Bulletin: IBM i Clustering is affected by CVE-2019-4381

## Summary IBM i Clustering is vulnerable to this security vulnerability. IBM i has addressed this vulnerability. This security bulletin has been updated, on June 21, 2019, as an additional IBM i PT ...

15 августа, 2022

CVSS3 - HIGH

CVSS2 - LOW

RedGuard – C2 Front Flow Control Tool, Can Avoid Blue Teams, AVs, EDRs Check

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnlJkIKeeinYR2Ob_vLz_T2KUfA0Attaog2LS5O0LV7aniivC2XbPeSlzGSZmhJPPGbsVrWFG-Cot5fzfuF2VV5nydW6wkqgPW_6fy3sH7mJiFosFREp460IW-VLwaZLZ5EUdNL ...

15 августа, 2022

Exploit for Vulnerability in Microsoft

# CVE-2022-24500-RCE CVE-2022-24500 Windows SMB Remote Code Exec...Read More ...

15 августа, 2022

CVSS3 - HIGH

CVSS2 - MEDIUM

Exploit for Vulnerability in Microsoft

# CVE-2022-26809-POC metasploit module for CVE-2022-26809 window...Read More ...

15 августа, 2022

CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2022-36006

Arvados is an open source platform for managing, processing, and sharing genomic and other large scientific and biomedical data. A remote code execution (RCE) vulnerability in the Arvados Workbench al ...

15 августа, 2022