API - API Security Blog

CVE-2022-38184

There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for A ...

August 16, 2022

Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec

![Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec](https://blog.rapid7.com/content/images/2022/08/application-discovery.jpg) Yes, I know what applications we have publ ...

August 16, 2022

In the Fight Against DDoS Attacks, not all PoPs are Created Equal

A [distributed denial of service]() (DDoS) attack is a malicious attempt to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting ...

August 16, 2022

CVE-2022-35948

undici is an HTTP/1.1 client, written from scratch for Node.js. `=Read More ...

August 16, 2022

Two more malicious Python packages in the PyPI

![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/08/16112454/python_threat_featured-990x400.jpg) On August 8, CheckPoint [published a report]() on ten malicious Python packag ...

August 16, 2022

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. ...

August 16, 2022

CVE-2022-35734

'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may ...

August 16, 2022

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to an Undefined Behavior allowing an attacker to crash the system via a maliciously crafted Input to API.Read More ...

August 15, 2022

CVSS3 - MEDIUM