API - API Security Blog

CVE-2022-48318

No authorisation controls in the RestAPI documentation for Tribe29's Checkmk Read More ...

February 20, 2023

CVE-2022-48321

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk Read More ...

February 20, 2023

Microsoft Print 3D app Remote Code Execution (February 2023)

The Microsoft Print 3D app installed on the remote Windows host may be affected by a remote code execution vulnerability. Note that Nessus has not tested for these issues but has instead relied only o ...

February 20, 2023

CVSS3 - HIGH

Faraday – Open Source Vulnerability Management Platform

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA55xh0Xiu6p6gyjoxB2a9gTFO_xeqX60bFMfdoCi-rPQ-8jxUKp1hC9qjuK2NAXF9ucUAgy2_y1uRJktfO6SR3CC2CGGI8jWNScqH9rApLKrAtiuPFCOH_nTA4iuQyhfGPaC2wZ ...

February 20, 2023

CVE-2015-10080

A vulnerability was found in NREL api-umbrella-web 0.7.1. It has been classified as problematic. This affects an unknown part of the component Admin Data Table Handler. The manipulation leads to cross ...

February 20, 2023

Denial Of Service (DoS)

starlite is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to consume a large amount of CPU time and RAM because the multipart body parser accepts an unlimited number of file ...

February 18, 2023

Improper Certificate Validation

cloudconnectlib is vulnerable to Improper Certificate Validation. Requests to third-party APIs through the REST API Modular Input allows a remote attacker to downgrade the API request to HTTP after a ...

February 18, 2023

Security Bulletin: Vulnerability in RC4 stream cipher affects the IBM FlashSystem models 840 and 900 (CVE-2015-2808)

## Summary The RC4 âBar Mitzvahâ Attack for SSL/TLS affects the IBMÂ® FlashSystemâ¢ 840 and IBM FlashSystem 900. ## Vulnerability Details **CVEID:** [_CVE-2015-2808_]() **DESCRIPTIO ...

February 18, 2023

CVSS2 - MEDIUM