Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22460
go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Encoding data which contains a Bytes kind Node will pass a Bytes to...
Protocol Go-ipld-prime
6.8
CVSSv2
CVE-2020-7965
flaskparser.py in Webargs 5.x up to and including 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. If the request body is valid JSON, it will accept it even if the content type is application/x-www-form-urlencoded. This allows f...
Webargs Project Webargs
5
CVSSv2
CVE-2017-12119
An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
Ethereum Cpp-ethereum -
6.8
CVSSv2
CVE-2017-12116
An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker...
Ethereum Aleth -
6.8
CVSSv2
CVE-2017-12112
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can...
Ethereum Cpp-ethereum -
6.8
CVSSv2
CVE-2017-12113
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker ca...
Ethereum Cpp-ethereum -
4.3
CVSSv2
CVE-2017-12114
An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can s...
Ethereum Cpp-ethereum -
6.8
CVSSv2
CVE-2017-12117
An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can s...
Ethereum Cpp-ethereum -
5
CVSSv2
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
Apache Struts
Netapp Oncommand Balance -
Oracle Retail Xstore Point Of Service 7.1.6
Oracle Retail Xstore Point Of Service 15.0.1
Oracle Retail Xstore Point Of Service 16.0.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.2.1.3
Oracle Enterprise Manager For Virtualization 13.2.3
Oracle Agile Plm Framework 9.3.6
Oracle Retail Xstore Point Of Service 6.5.11
Oracle Webcenter Portal 12.2.1.3.0
Oracle Global Lifecycle Management Opatchauto
Oracle Financial Services Hedge Management And Ifrs Valuations 8.0.4
Oracle Financial Services Hedge Management And Ifrs Valuations 8.0.5
Oracle Financial Services Market Risk Measurement And Management 8.0.5
Oracle Weblogic Server 12.2.1.2
Oracle Enterprise Manager For Virtualization 13.2.2
Oracle Retail Order Broker 5.2
Oracle Retail Xstore Point Of Service 7.0.6
Oracle Webcenter Portal 12.2.1.2.0
5.1
CVSSv2
CVE-2017-14460
An exploitable overly permissive cross-domain (CORS) whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malicious website to trigger t...
Parity Ethereum Client 1.7.8
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »