Lucene search
K

46 matches found

OSV
OSV
added 2015/04/01 2:59 p.m.4 views

DEBIAN-CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

5.1CVSS7.1AI score0.01068EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/04/01 2:59 p.m.26 views

CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

5.1CVSS5.9AI score0.01068EPSS
Exploits0References2
OSV
OSV
added 2015/04/01 2:59 p.m.3 views

UBUNTU-CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

5.1CVSS5.8AI score0.01068EPSS
Exploits0References3
OSV
OSV
added 2014/08/07 11:13 a.m.2 views

DEBIAN-CVE-2014-3429

IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...

6.8CVSS7.8AI score0.04665EPSS
Exploits0References1
PyPA
PyPA
added 2014/08/07 11:13 a.m.6 views

PYSEC-2014-21

IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...

6.8CVSS7.8AI score0.04665EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2012/04/25 10:0 a.m.21 views

CVE-2012-0475

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site 1 XMLHttpRequest or 2 WebSocket operation involvin...

9.2AI score0.01858EPSS
Exploits0References8
Rows per page
Query Builder