api-connector's People
api-connector's Issues
A new vulnerability was discovered: CVE-2017-11288
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/187822
A new vulnerability was discovered: CVE-2020-4629
An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through_and) upon a panic of the map function.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/212772
A new vulnerability was discovered: CVE-2013-4116
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/2623
A new vulnerability was discovered: CVE-2020-4937
Cross-site scripting (XSS) vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/48668
A new vulnerability was discovered: CVE-2009-4591
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/48669
A new vulnerability was discovered: CVE-2017-3103
Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/106692
A new vulnerability was discovered: CVE-2014-7191
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/98105
A new vulnerability was discovered: CVE-2015-8857
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/2622
A new vulnerability was discovered: debricked-npm-1555
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/104268
A new vulnerability was discovered: CVE-2015-8858
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/98102
A new vulnerability was discovered: CVE-2020-7921
Prototype pollution vulnerability in dot-prop npm package version 5.1.0 and earlier allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/145150
A new vulnerability was discovered: CVE-2017-11287
Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could exploit this vulnerability by injecting a payload into the registration form and achieve arbitrary code execution in the context of the admin account.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/211867
A new vulnerability was discovered: CVE-2017-11289
A vulnerability was found in Braces versions prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/212619
A new vulnerability was discovered: debricked-308
Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/18079
A new vulnerability was discovered: CVE-2008-2231
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/98101
A new vulnerability was discovered: CVE-2016-0949
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/98103
A new vulnerability was discovered: CVE-2017-16042
Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.
Read more at Debricked: http://app.debricked.com/en/service/vulnerability/107469
A new vulnerability was discovered: CVE-2015-0344
Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/9500
A new vulnerability was discovered: CVE-2016-0949
rc before 1.7.1-5 insecurely creates temporary files.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/138117
A new vulnerability was discovered: CVE-2016-0950
Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/186169
A new vulnerability was discovered: debricked-npm-1572
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/104268
A new vulnerability was discovered: CVE-2015-4412
BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data via a crafted string.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/100801
A new vulnerability was discovered: CVE-2018-4923
Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/106692
A new vulnerability was discovered: CVE-2009-4590
Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that may be executed within the context of the victim's browser when they browse to the page containing the vulnerable field.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/211864
A new vulnerability was discovered: CVE-2008-2553
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/98104
A new vulnerability was discovered: CVE-2015-0344
Sencha Labs Connect has XSS with connect.methodOverride()
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/140135
A new vulnerability was discovered: CVE-2017-3101
Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/91925
A new vulnerability was discovered: CVE-2013-4116
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/26632
A new vulnerability was discovered: CVE-2017-3102
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/91926
A new vulnerability was discovered: CVE-2009-4590
Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/91925
A new vulnerability was discovered: CVE-2016-4118
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/5575
A new vulnerability was discovered: CVE-2009-4592
Unspecified vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to include arbitrary local files via unknown vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/48670
A new vulnerability was discovered: CVE-2008-2553
Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that may be executed within the context of the victim's browser when they browse to the page containing the vulnerable field.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/211865
A new vulnerability was discovered: CVE-2016-7851
Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/106716
A new vulnerability was discovered: CVE-2008-2231
Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/106691
A new vulnerability was discovered: CVE-2015-0343
Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/9500
A new vulnerability was discovered: CVE-2017-11288
Adobe Connect versions 9.8.1 and earlier have a session token exposure vulnerability. Successful exploitation could lead to exposure of the privileges granted to a session.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/117946
A new vulnerability was discovered: CVE-2016-0950
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/91926
A new vulnerability was discovered: CVE-2016-0948
Prototype pollution vulnerability in 'cache-base' versions 0.7.0 through 4.0.0 allows attacker to cause a denial of service and may lead to remote code execution.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/204989
A new vulnerability was discovered: CVE-2016-4118
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/5575
A new vulnerability was discovered: CVE-2017-16042
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/219853
A new vulnerability was discovered: debricked-308
Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/110694
A new vulnerability was discovered: CVE-2015-8857
Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/91927
A new vulnerability was discovered: CVE-2020-7754
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/48669
A new vulnerability was discovered: CVE-2015-8858
Cross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/9501
A new vulnerability was discovered: CVE-2016-7851
Unspecified vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to include arbitrary local files via unknown vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/48670
A new vulnerability was discovered: CVE-2020-4937
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/5575
A new vulnerability was discovered: CVE-2002-1647
This affects all versions of package com.squareup:connect.
The method prepareDownloadFilecreates creates a temporary file with the permissions bits of -rw-r--r-- on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file downloaded by downloadFileFromResponse will be visible to all other users on the local system.
A workaround fix for this issue is to set the system property java.io.tmpdir to a safe directory as remediation.
Note: This version of the SDK is end of life and no longer maintained, please upgrade to the latest version.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/209608
A new vulnerability was discovered: CVE-2015-0343
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/2624
A new vulnerability was discovered: CVE-2015-4412
BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data via a crafted string.
Read more at Debricked: https://app.debricked.com/en/service/vulnerability/100801
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.