Lucene search

K

Electrum Security Vulnerabilities

cve
cve

CVE-2018-6353

The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which...

7.8CVSS

6.2AI Score

0.002EPSS

2022-10-03 04:21 PM
601
cve
cve

CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero...

5.5CVSS

5.5AI Score

0.001EPSS

2022-06-17 02:15 PM
39
4