CVE-2022-1502

Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions. ...

Continue Reading

May 23, 2022

CVE-2021-43164

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the updateVersion function in /cgi-bin/luci/api/wireless ...

Continue Reading

May 23, 2022

CVE-2021-43163

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the checkNet function in /cgi-bin/luci/api/auth. ...

Continue Reading

May 23, 2022

CVE-2021-43159

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the setSessionTime function in /cgi-bin/luci/api/common. ...

Continue Reading

May 23, 2022

CVE-2022-28162

Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. ...

Continue Reading

May 23, 2022

CVE-2021-27765

The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability ...

Continue Reading

May 23, 2022

CVE-2021-33845

The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress ve ...

Continue Reading

May 23, 2022

CVE-2021-25746

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API g ...

Continue Reading

May 23, 2022

1 3,533 3,534 3,535 3,536 3,537 3,540

Back to Main
Subscribe for the latest news: