API - API Security Blog

CVE-2022-46156

The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monito ...

November 30, 2022

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption

Post ContentRead More ...

November 30, 2022

Security Bulletin: IBM API Connect is impacted by host header injection vulnerability (CVE-2021-38997)

## Summary IBM API Connect is impacted by host header injection vulnerability. The fix addresses the host header injection CVE-2021-38997. ## Vulnerability Details ** CVEID: **[CVE-2021-38997]() ** DE ...

November 30, 2022

D4TA-HUNTER – GUI Osint Framework With Kali Linux

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-M-X1JCaDmMj4GsQRXbmjqT1J6F-dMSoRJXgdBEKguFNLVyWUTWkUIbgrAF6RDtVXDLEp2pBpCdVu1WC-0ZM78_EImFffW16VMJYnuWhp5XObbrVEhbSrM7rr7lJhpBty4xDfuG ...

November 30, 2022

Access Restriction Bypass

kubeview is vulnerable to access restriction bypass. The vulnerability exists in `default` function of `api.js`, because `api/scrape/kube-system` does not require authentication which allows an attack ...

November 30, 2022

Atlassian Crowd 5.0.x < 5.0.3 Misconfiguration

According to its self-reported version number, the Atlassian Crowd application running on the remote host is affected by a misconfiguration vulnerability. This vulnerability allows an attacker to auth ...

November 30, 2022

Atlassian Crowd < 4.4.4 Misconfiguration

According to its self-reported version number, the Atlassian Crowd application running on the remote host is affected by a misconfiguration vulnerability. This vulnerability allows an attacker to auth ...

November 30, 2022

GLPI 9.1 < 10.0.3 SQL Injection

GLPI in version 9.1 Read More ...

November 30, 2022