
28 matches found

OSV
added 2019/08/01 4:15 p.m. · 1 view

CVE-2016-10843

cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API SEC-76...

CVSS 8.1 · AI score 6.1 · EPSS 0.00926
Exploits 0 · References 1
RedHat Linux
added 2019/07/24 9:1 p.m. · 1 view

kube-apiserver: DoS with crafted patch of type json-patch

A denial of service vulnerability was found in the Kubernetes API server. A remote user, with authorization to apply patches, could exploit this via crafted JSON input, causing excessive consumption of resources and subsequent denial of service...

CVSS 6.5 · AI score 6.8 · EPSS 0.02677
Exploits 0 · References 5
OSV
added 2019/05/15 5:29 p.m. · 1 view

DEBIAN-CVE-2013-7285

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON...

CVSS 9.8 · AI score 9.4 · EPSS 0.18767
Exploits 5 · References 1
Positive Technologies
added 2017/11/02 12:0 a.m. · 2 views

PT-2017-4257 · Ruby +4 · Yajl-Ruby +4

Name of the Vulnerable Software and Affected Versions: yajl-ruby gem version 1.3.0
Description: The issue is related to insufficient processing of a format string in the yajl string decode function of the yajl encode.c component in the YAJL-ruby JSON library. When a crafted JSON file is supplied ...

CVSS 7.8 · AI score 6.4 · EPSS 0.01863
Exploits 3 · References 56
RedHat Linux
added 2015/11/18 3:53 p.m. · 3 views

postgresql: stack overflow DoS when parsing json or jsonb inputs

A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input...

CVSS 6.4 · AI score 7.4 · EPSS 0.06572
Exploits 0 · References 5
RedHat Linux
added 2015/11/18 3:53 p.m. · 2 views

postgresql: stack overflow DoS when parsing json or jsonb inputs

A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input...

CVSS 6.4 · AI score 7.4 · EPSS 0.06572
Exploits 0 · References 5
CNVD
added 2015/06/26 12:0 a.m. · 3 views

JSON 'ActiveSupport::JSON.encode()' function cross-site scripting vulnerability

JSON is a lightweight data exchange language; it is a subset of JavaScript and uses a completely language-independent text format. A cross-site scripting vulnerability exists in JSON, which can be exploited by a remote attacker to construct a malicious URI and trick the user into parsing...

CVSS 4.3 · AI score 6.2 · EPSS 0.00212
Exploits 0 · References 1
Positive Technologies
added 2007/04/30 12:0 a.m. · 2 views

PT-2007-3714 · Mochikit · Mochikit

Name of the Vulnerable Software and Affected Versions: MochiKit framework, affected versions not specified
Description: The issue allows remote attackers to obtain data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVSS 5 · AI score 6.1 · EPSS 0.00306
Exploits 0 · References 3