35 matches found

NVD
added 2025/02/24 8:15 a.m. · 30 views

CVE-2025-25279

Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards, which allows an attacker to read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards...

CVSS 9.9 · EPSS 0.2251
Exploits: 1 · References: 1

CNNVD
added 2024/10/11 12:0 a.m. · 4 views

btcd security vulnerability

btcd is an alternative node-wide Bitcoin implementation written in Go (golang) open-sourced by Bitcoin in Go. A security vulnerability exists in btcd versions 0.10 through 0.24, which stems from a failure to properly reimplement the FindAndDelete functionality of Bitcoin Core, causing the btcd clie...

CVSS 8.1 · AI score 7.9 · EPSS 0.01022
Exploits: 0 · References: 6

Prion
added 2023/11/14 9:15 p.m. · 15 views

Cross site scripting

Hyperledger Fabric is an open source permissioned distributed ledger framework. Combining two molecules to one another, called "cross-linking" results in a molecule with a chemical formula that is composed of all atoms of the original two molecules. In Fabric, one can take a block of transactions...

CVSS 4 · AI score 7.1 · EPSS 0.00519
Exploits: 1 · References: 1 · Affected Software: 1

Positive Technologies
added 2023/07/13 12:0 a.m. · 9 views

PT-2023-24890 · Multiversx · Mx-Chain-Go

Name of the Vulnerable Software and Affected Versions: mx-chain-go versions prior to 1.4.17 Description: The issue occurs when executing a relayed transaction in mx-chain-go, the official implementation of the MultiversX blockchain protocol. If the inner transaction fails, it increases the inner...

CVSS 7.1 · AI score 7.2 · EPSS 0.0107
Exploits: 0 · References: 10

Veracode
added 2022/11/08 7:48 a.m. · 17 views

Denial Of Service (DoS)

github.com/btcsuite/btcd and github.com/lightningnetwork/lnd are vulnerable to denial of service. The vulnerability exists due to improper validation of blocks in msgtx.go, which allows an attacker to crash the node on block validation...

CVSS 9.8 · AI score 8.7 · EPSS 0.01195
Exploits: 1 · References: 10 · Affected Software: 2

OSV
added 2021/05/21 4:23 p.m. · 17 views

GHSA-4G52-PQCJ-PHVH BLS Signature "Malleability"

Impact 1. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms - "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays. 2. Lotus block validation functions perform a uniquenes...

CVSS 5.9 · AI score 7.5 · EPSS 0.00976
Exploits: 1 · References: 4

Github Security Blog
added 2021/05/21 4:23 p.m. · 89 views

BLS Signature "Malleability"

Impact 1. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms - "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays. 2. Lotus block validation functions perform a uniquenes...

CVSS 7.5 · EPSS 0.00976
Exploits: 1 · References: 5 · Affected Software: 1

Cvelist
added 2021/04/15 9:35 p.m. · 13 views

CVE-2021-21405 BLS Signature "Malleability"

Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays...

CVSS 5.9 · AI score 7.8 · EPSS 0.00976
Exploits: 1 · References: 3

CVE
added 2021/04/15 9:35 p.m. · 88 views

CVE-2021-21405

CVE-2021-21405 concerns Lotus, a Go implementation of the Filecoin protocol. The issue arises from BLS signature validation that uses the blst VerifyCompressed method, which accepts signatures in two forms: “serialized” and “compressed.” Because the block header CID embeds the BlockSig, Lotus pre...

CVSS 7.5 · AI score 6.6 · EPSS 0.00976
Exploits: 1 · References: 3 · Affected Software: 1

CNNVD
added 2021/04/15 12:0 a.m. · 3 views

Łukasz Magiera lotus data forgery vulnerability

Łukasz Magiera lotus is an open source application by Łukasz Magiera. Filecoin distributed storage network implementation. Lotus has a security vulnerability. The Lotus block validation function performs a uniqueness check on the supplied block...

CVSS 7.5 · AI score 7.2 · EPSS 0.00976
Exploits: 1 · References: 4

OSV
added 2019/12/11 12:17 a.m. · 3 views

USN-4221-1 libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service (memory exhaustion)...

CVSS 5.3 · AI score 6.6 · EPSS 0.02834
Exploits: 0 · References: 2

OSV
added 2018/04/01 12:0 a.m. · 2 views

UBUNTU-CVE-2018-1093

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers...

CVSS 5.5 · AI score 6.6 · EPSS 0.01999
Exploits: 0 · References: 9

OSV
added 2017/02/25 8:29 a.m. · 13 views

MGASA-2017-0065 Updated kernel-linus fixes security vulnerabilities

This kernel-linus update is based on upstream 4.4.50 and fixes at least the following security issues: The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access t...

CVSS 9.8 · AI score 7.8 · EPSS 0.0596
Exploits: 13 · References: 13

OSV
added 2017/02/06 6:59 a.m. · 1 views

DEBIAN-CVE-2016-10208

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image...

CVSS 4.3 · AI score 5.5 · EPSS 0.00428
Exploits: 0 · References: 1

OSV
added 2013/03/06 12:0 a.m. · 2 views

UBUNTU-CVE-2013-1819

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesyst...

CVSS 4.6 · AI score 7.3 · EPSS 0.0044
Exploits: 0 · References: 11