JSON-RPC - API Security Blog

CVE-2017-12118

An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). An attacker can send JSON to trigger this vul ...

30 июня, 2023

CVSS3 - HIGH

CVSS2 - MEDIUM

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs

[![dns-rebinding-attack-hacking-exploit](https://4.bp.blogspot.com/--sH2XTc-AVY/WmbwKY128wI/AAAAAAAAvi0/UTMZXB0Ms6MEH5b_dnb15w1gLsQK0UvVgCLcBGAs/s1600/dns-rebinding-attack-hacking-exploit.png)]() A Go ...

30 июня, 2023

Blizzard Update Agent – JSON RPC DNS Rebinding Vulnerability

Exploit for windows platform in category local exploitsRead More ...

30 июня, 2023

How to Mitigate the Threat Cryptocurrency Mining Poses to Enterprise Security

[![cryptocurrency-mining-attack](https://1.bp.blogspot.com/-thWV-CQxPvI/Wng2oUJEH-I/AAAAAAAAvrI/HexTIBePExskso6dmfBjODAAbVAQ7TvEwCLcBGAs/s1600-e20/cryptocurrency-mining-attack.png)]() The growing popu ...

30 июня, 2023

CVE-2018-1163

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. The specific flaw exists within JSON RPC Request handling. By settin ...

30 июня, 2023

CVSS3 - CRITICAL

CVSS2 - HIGH

uTorrent Users Warned of Remote Code Execution Vulnerability

Google Project Zero researchers are warning of two critical remote code execution vulnerabilities in popular versions of BitTorrentâs web-based uTorrent Web client and its uTorrent Classic deskto ...

30 июня, 2023

Quest DR Series Appliance Web Default Administrator Credentials

The web interface for the Quest DR Series disk backup appliance, formerly Dell DR Series, uses a default set of credentials (administrator / St0r@ge!) to control access to its management interface. A ...

30 июня, 2023

IOVLabs: JSON RPC methods for debugging enabled by default allow DoS

**Summary:** Upon sending the JSON-RPC the `evm_reset` command, the RPC server hung, has gone slow, and is now on block 0. **Description:** While testing the bounty RPC node, I was sending a variety o ...

30 июня, 2023