Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

87 matches found

CNVD
CNVDadded 2018/10/17 12:0 a.m.1 views

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2018-21477)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: JSON subcomponent of the MySQL Server component in Oracle MySQL, version 8.0.12 and earlier. An attack...

4.9CVSS5.5AI score0.00288EPSS
Exploits0References1
Prion
Prionadded 2018/01/19 11:29 p.m.15 views

Authorization

An exploitable improper authorization vulnerability exists in minersetGasPrice API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigger...

6.8CVSS7.9AI score0.00608EPSS
Exploits2References2
OSV
OSVadded 2017/08/24 8:29 p.m.1 views

DEBIAN-CVE-2014-4616

Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...

5.9CVSS6.8AI score0.00427EPSS
Exploits1References1
OSV
OSVadded 2015/12/06 1:59 a.m.1 views

DEBIAN-CVE-2015-6764

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have...

9.8CVSS9.4AI score0.13882EPSS
Exploits0References1
OSV
OSVadded 2014/03/21 1:4 a.m.5 views

CVE-2013-6401

Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted JSON document...

6.5AI score
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/26 7:10 p.m.4 views

rubygem-json: Denial of Service and SQL Injection

The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service resource consumption or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...

7.5CVSS6.7AI score0.17317EPSS
Exploits0References5
OSV
OSVadded 2007/04/30 11:19 p.m.9 views

CVE-2007-2383

The Prototype prototypejs framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

6.2AI score
Exploits0References5
Rows per page
Query Builder