Lucene search
K

119 matches found

Prion
Prion
added 2021/09/07 10:15 p.m.13 views

Code injection

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/07 10:15 p.m.15 views

Design/Logic Flaw

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/07 10:15 p.m.13 views

Code injection

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.01173EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/07 9:59 p.m.43 views

CVE-2020-19767

CVE-2020-19767 affects 0xRACER v1.0: a lack of target address verification in the destroycontract() function enables an attacker to steal tokens from victim users via a crafted script. Root cause: input/target address validation gap in destroycontract(). Documents do not provide a confirmed fix o...

7.5CVSS7.3AI score0.01173EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/07 9:59 p.m.37 views

CVE-2020-19769

CVE-2020-19769 : A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. Affected software: Rob The Bank 1.0 (BurnMe() function). Root cause: missing target address verification. Impact: token thef...

7.5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/07 9:59 p.m.25 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.4AI score0.00542EPSS
Exploits1References1
CVE
CVE
added 2021/09/07 9:59 p.m.41 views

CVE-2020-19768

CVE-2020-19768 concerns ICOVO 1.0, where a lack of target address verification in the selfdestructs() function enables attackers to steal tokens from victim users via a crafted script. The issue is reported across multiple sources (NVD/Red Hat/CNVD/etc.) with the same core flaw. The connected doc...

7.5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Huntr
Huntr
added 2021/07/22 6:13 p.m.13 views

in emoncms/dashboard

💥 BUG account takeover via host-header injection It allow attacker to change url of account-verification link and verify any email-address . 💥 STEP TO REPRODUCE 1. First as attacker create a account with email [email protected]. You dont own that email-address .\ You cant login untill you verify that...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/29 9:39 a.m.108 views

Google now requires app developers to verify their address and use 2FA

Google on Monday announced new measures for the Play Store, including requiring developer accounts to turn on 2-Step Verification 2SV, provide an address, and verify their contact details later this year. The new identification and two-factor authentication requirements are a step towards...

1.5AI score
Exploits0
OSV
OSV
added 2021/03/15 11:6 p.m.5 views

USN-4875-1 opensmtpd vulnerabilities

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...

10CVSS7.2AI score0.98946EPSS
Exploits41References4
Tenable Nessus
Tenable Nessus
added 2020/06/05 12:0 a.m.43 views

Debian DLA-2234-1 : netqmail security update

There were several CVE bugs reported against src:netqmail. CVE-2005-1513 Integer overflow in the strallocreadyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code vi...

9.8CVSS7.4AI score0.10789EPSS
Exploits8References7
OSV
OSV
added 2020/05/26 1:15 p.m.4 views

CVE-2020-3811

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability...

7.5CVSS7.1AI score0.01768EPSS
Exploits2References5
OSV
OSV
added 2020/05/26 1:15 p.m.8 views

UBUNTU-CVE-2020-3811

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability...

7.5CVSS7.1AI score0.01768EPSS
Exploits2References5
CVE
CVE
added 2020/05/26 1:4 p.m.89 views

CVE-2020-3811

CVE-2020-3811 affects netqmail 1.06 (qmail-verify) where improper input handling allows a mail-address verification bypass. Connected Debian/Ubuntu advisories (DLA-2234, USN-4621-1, USN-4556-1) indicate this vulnerability alongside CVE-2020-3812 and older CVEs; mitigation in Debian for Jessie is ...

7.5CVSS8.3AI score0.01768EPSS
Exploits2References5Affected Software1
Debian CVE
Debian CVE
added 2020/05/26 1:4 p.m.26 views

CVE-2020-3811

Removed by vendor...

7.5CVSS7.5AI score0.01768EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2020/05/26 12:0 a.m.39 views

Debian DSA-4692-1 : netqmail - security update

Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail shipped in Debian as netqmail with additional patches which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not. C...

9.8CVSS6.8AI score0.10789EPSS
Exploits8References10
OpenVAS
OpenVAS
added 2020/05/25 12:0 a.m.35 views

Debian: Security Advisory (DSA-4692-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.10789EPSS
Exploits8References4
Debian
Debian
added 2020/05/24 7:4 a.m.26 views

[SECURITY] [DSA 4692-1] netqmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4692-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2020 https://www.debian.org/security/faq -...

5CVSS2AI score0.10789EPSS
Exploits8
Debian
Debian
added 2020/05/24 7:4 a.m.166 views

[SECURITY] [DSA 4692-1] netqmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4692-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2020 https://www.debian.org/security/faq -...

9.8CVSS8.2AI score0.10789EPSS
Exploits8
Cvelist
Cvelist
added 2020/03/31 3:11 p.m.31 views

CVE-2019-14880

A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise...

4.8CVSS9.1AI score0.01079EPSS
Exploits0References2
Rows per page
Query Builder