Lucene search
K

48 matches found

Cvelist
Cvelist
added 2021/03/09 6:10 p.m.32 views

CVE-2021-21369 Potential DoS in Besu HTTP JSON-RPC API

Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. In Besu before version 1.5.1 there is a denial-of-service vulnerability involving the HTTP JSON-RPC API service. If username and password authentication is enabled for the HTTP JSON-RPC API service, then prio...

6.5CVSS6.8AI score0.01503EPSS
Exploits0References4
seebug.org
seebug.org
added 2012/02/13 12:0 a.m.24 views

Bugzilla jsonrpc.cgi 跨站请求伪造漏洞

BUGTRAQ ID: 51783 CVE ID: CVE-2012-0440 Bugzilla是一个开源的缺陷跟踪系统,它可以管理软件开发中缺陷的提交,修复,关闭等整个生命周期。 Bugzilla在jsonrpc.cgi的实现上存在CSRF安全漏洞,成功利用这些漏洞可允许攻击者劫持任意用户使用JSON-RPC API的身份验证请求。 0 Mozilla Bugzilla 4.x 厂商补丁: Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mozilla.org/security/...

5.1CVSS6.4AI score0.0063EPSS
Exploits2
OpenVAS
OpenVAS
added 2012/02/12 12:0 a.m.24 views

FreeBSD Ports: bugzilla

The remote host is missing an update to the system as announced in the referenced advisory. VID 309542b5-50b9-11e1-b0d8-00151735203a OpenVAS Vulnerability Test $ Description: Auto generated from VID 309542b5-50b9-11e1-b0d8-00151735203a Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

5.1CVSS6.3AI score0.01013EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2012/02/07 12:0 a.m.26 views

FreeBSD : bugzilla -- multiple vulnerabilities (309542b5-50b9-11e1-b0d8-00151735203a)

A Bugzilla Security Advisory reports : The following security issues have been discovered in Bugzilla : - Account Impersonation : When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which could be used to impersonate another user...

5.1CVSS5.7AI score0.01013EPSS
Exploits3References5
UbuntuCve
UbuntuCve
added 2012/02/02 6:55 p.m.32 views

CVE-2012-0440

Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...

5.1CVSS5.9AI score0.0063EPSS
Exploits2References2
Prion
Prion
added 2012/02/02 6:55 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...

5.1CVSS7.6AI score0.0063EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2012/02/02 6:0 p.m.36 views

CVE-2012-0440

Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...

6.9AI score0.0063EPSS
Exploits2References5
FreeBSD
FreeBSD
added 2012/01/31 12:0 a.m.20 views

bugzilla -- multiple vulnerabilities

A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Account Impersonation: When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which could be used to impersonate another user accoun...

6.6AI score
Exploits0References2
Rows per page
Query Builder