Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2021-24148
A business logic issue in the MStore API WordPress plugin, versions prior to 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.
Inspireui Mstore Api
356
VMScore
CVE-2018-1991
IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.
Ibm Api Connect
356
VMScore
CVE-2018-2009
IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148.
Ibm Api Connect
445
VMScore
CVE-2018-2011
IBM API Connect 2018.1 up to and including 2018.4.1.5 could allow an malicious user to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150.
Ibm Api Connect
490
VMScore
CVE-2019-1000011
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This v...
Api-platform Core
312
VMScore
CVE-2020-2193
Jenkins ECharts API Plugin 4.7.0-3 and previous versions does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability.
Jenkins Echarts Api
383
VMScore
CVE-2005-3869
Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter.
Google Api Search
578
VMScore
CVE-2020-4638
IBM API Connect's API Manager 2018.4.1.0 up to and including 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.
Ibm Api Connect
445
VMScore
CVE-2020-4695
IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels, an attacker can view unencrypted data leading to a loss of confidentiality.
Ibm Api Connect
356
VMScore
CVE-2018-1932
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 is affected by a vulnerability in the role-based access control in the management server that could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 153175.
Ibm Api Connect
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »