1091 matches found
[SECURITY] Fedora 24 Update: kf5-kpeople-5.24.0-1.fc24
KDE Frameworks 5 Tier 3 library for interaction with XML RPC services...
Apache XML-RPC Server-Side Denial of Service Vulnerability
Apache XML-RPC is a simple, lightweight set of specifications for RPC communication over the HTTP protocol. A denial of service vulnerability exists in Apache XML-RPC that allows remote attackers to cause a denial of service condition...
Apache XML-RPC Server-Side Request Forgery Vulnerability
Apache XML-RPC is a simple, lightweight set of specifications for RPC communication over the HTTP protocol, from the Apache Software Foundation in the United States. A server-side request forgery vulnerability exists in Apache XML-RPC that allows a remote attacker to construct a malicious URI, trick a...
Ubuntu: Security Advisory (USN-3013-1)
The remote host is missing an update for the...
Nextcloud: WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available
User Enumeration: It is possible to enumerate four WordPress usernames: jancborchardt, jos, lukasreschke, frank. An attacker can use these usernames to carry out a brute-force attack in order to forcefully authenticate. 2. Akismet Plugin 2.5.0-3.1.4 vulnerable to unauthenticated Stored Cross Site...
USN-3013-1: XML-RPC for C and C++ vulnerabilities
It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702) It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number...
WordPress Pingback Denial Of Service
The WordPress XML-RPC pingback mechanism is used to link one blog to another. This mechanism can be exploited to execute a distributed denial of service (DDoS) attack either on the vulnerable website or to force the website to take part in a DDoS attack on a third party...
Drupal 6.x < 6.38, 7.x < 7.43 Multiple Vulnerabilities (SA-CORE-2016-001) - Windows
Drupal is prone to multiple vulnerabilities.
BMC Server Automation RSCD Agent ACL Bypass
The remote BMC BladeLogic Server Automation (BSA) RSCD agent is affected by a security bypass vulnerability due to a failure to properly enforce the ACL. An unauthenticated, remote attacker can exploit this, by ignoring the response to the RemoteServer.info request, to bypass the ACL and execute...
BMC Server Automation RSCD Agent Weak ACL XML-RPC Arbitrary Command Execution
The RSCD agent running on the remote host does not have access controls in place to prevent an attacker from executing XML-RPC commands. An unauthenticated, remote attacker can exploit this to execute arbitrary commands in the context of the user to which the connections are mapped.
Atheme Buffer Overflow Vulnerability
Atheme is a portable, secure, open source and modular set of IRC services. A buffer overflow vulnerability exists in the XMLRPC response encoding code of Atheme. A remote attacker could exploit this vulnerability to cause a denial of service...
PT-2016-3556 · Red Hat · Spacewalk +1
Name of the Vulnerable Software and Affected Versions: Spacewalk and Red Hat Satellite version 5.7. Description: A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details...
CVE-2016-3163
The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method...
UBUNTU-CVE-2016-3163
The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method...
Security feature bypass
The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method...
CVE-2016-3163
CVE-2016-3163 affects the Drupal core XML-RPC subsystem. Drupal 6.x prior to 6.38 and 7.x prior to 7.43 allows remote attackers to perform brute‑force attacks by issuing a large number of calls to the same XML-RPC method, potentially aiding password guessing. Mitigation in public advisories: appl...
CVE-2016-3163
Removed by vendor...
Drupal 7.x < 7.43 Multiple Vulnerabilities
Binary data 9220.prm...