Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-5963

Malware in sbrugna...

7.5CVSS7.6AI score0.01183EPSS
Exploits1References2
NVD
NVD
added 2018/01/19 11:29 p.m.17 views

CVE-2017-14460

An exploitable overly permissive cross-domain CORS whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malicious website to trigger this vulnerability...

7.5CVSS7.4AI score0.01183EPSS
Exploits1References1
Prion
Prion
added 2018/01/19 11:29 p.m.15 views

Design/Logic Flaw

An exploitable overly permissive cross-domain CORS whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malicious website to trigger this vulnerability...

5.1CVSS7.4AI score0.01183EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/01/19 11:29 p.m.14 views

CVE-2017-14460

An exploitable overly permissive cross-domain CORS whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malicious website to trigger this vulnerability...

7.5CVSS7AI score
Exploits0References1
Cvelist
Cvelist
added 2018/01/19 11:0 p.m.18 views

CVE-2017-14460

An exploitable overly permissive cross-domain CORS whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malicious website to trigger this vulnerability...

7.5CVSS7.4AI score0.01183EPSS
Exploits1References1
CVE
CVE
added 2018/01/19 11:0 p.m.72 views

CVE-2017-14460

The CVE-2017-14460 issue affects Parity Ethereum client’s JSON-RPC interface, where the default overly permissive cross-domain (CORS) whitelist (often *) can allow a malicious website to fetch or modify data through the JSON-RPC API if certain endpoints are enabled. TALOS details show an example ...

7.5CVSS7.4AI score0.01183EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/10 12:0 a.m.3 views

Parity Ethereum client JSON-RPC misconfiguration vulnerability

Parity Ethereum client is a client for Ethereum the application runtime platform.JSON-RPC is one of the remote invocation services using JSON as the protocol. A misconfiguration vulnerability exists in JSON-RPC in Parity Ethereum client version 1.7.8. An attacker can use this vulnerability to sen...

7.5CVSS6.8AI score0.01183EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2018/01/10 12:0 a.m.85 views

Parity Browser < 1.6.10 - Bypass Same Origin Policy

VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 Version: 0.3 Date: Jun 16th, 2017 Tag: parity same origin policy bypass webproxy token reuse Overview -------- Name: parity Vendor: paritytech References: https://parity.io/ 1 Version: 1.6.8 Latest Version...

5.3CVSS5.3AI score0.05479EPSS
Exploits4
The Hacker News
The Hacker News
added 2017/11/07 7:38 p.m.9 views

Oh, Crap! Someone Accidentally Triggered A Flaw That Locked Up $280 Million In Ethereum

Horrible news for some Ethereum users. About $300 million worth of Ether—the cryptocurrency unit that has become one of the most popular and increasingly valuable cryptocurrencies—from dozens of Ethereum wallets was permanently locked up today. Smart contract coding startup Parity Technologies,...

7.1AI score
Exploits0
Rows per page
Query Builder