124 matches found
CVE-2022-36024
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
PT-2024-26378
Name of the Vulnerable Software and Affected Versions Bitcoin Core versions prior to 25.0 Description A high-severity software bug in Bitcoin Core allows remote attackers to cause a denial of service by including transactions in a blocktxn message that are not committed to in a block's merkle roo...
BIT-CONTOUR-2021-32783 Authorization bypass in Contour
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...
The vulnerability of the Consul and Consul Enterprise service configuration tool, related to pointer assignment errors, allows a malicious actor to trigger an emergency shutdown of the application.
The vulnerability of the Consul and Consul Enterprise service configuration tools is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause an unexpected termination of the application...
CVE-2022-36024
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
Sql injection
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
PYSEC-2022-43146
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
PYSEC-2022-43146
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
CVE-2022-36024
CVE-2022-36024 affects py-cord, a Python Discord API wrapper used by bots. In version 2.0.0, bots added to a server with the application.commands scope without the bot scope are vulnerable to remote shutdown. The issue appears to affect public bots using slash commands. Remediation: upgrade to ve...
CVE-2022-36024 Bots using py-cord as discord api wrapper are vulnerable to shutdowns through remote code execution
py-cord is a an API wrapper for Discord written in Python. Bots creating using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
GHSA-QMHJ-M29V-GVMR Bots using py-cord as Discord API wrapper are vulnerable to shutdowns through remote code execution
Impact py-cord is a an API wrapper for Discord written in Python. Bots using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
Bots using py-cord as Discord API wrapper are vulnerable to shutdowns through remote code execution
Impact py-cord is a an API wrapper for Discord written in Python. Bots using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
PT-2022-23123 · Pypi · Py-Cord
Name of the Vulnerable Software and Affected Versions: py-cord version 2.0.0 Description: The issue affects py-cord, a Python API wrapper for Discord, allowing remote shutdown of bots if they are added to a server with the application.commands scope without the bot scope. It appears that all publ...
Pycord 安全漏洞
Pycord is a modern, easy-to-use, feature-rich, asynchronous-ready API wrapper open-sourced by Pycord Development. A security vulnerability exists in Pycord versions prior to 2.0.1 that stems from allowing a user to remotely shut down a bot running on pycord by adding it to a discordant server wit...
PT-2022-18052 · Unitree · Unitree Go 1
Name of the Vulnerable Software and Affected Versions: Unitree Go 1 robotics platform versions H0.1.7 through H0.1.9 Unitree Go 1 robotics platform version A1 Description: The Unitree Go 1 robotics platform can be powered down by an attacker within normal RF range without authentication using...
CVE-2022-28944
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...
Remote code execution
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...
多款EMCO Software产品安全漏洞
EMCO Software EMCO MSI Package Builder for Windows is a product of EMCO Software Iceland. EMCO Software EMCO MSI Package Builder for Windows is a software tool for creating Windows Installer packages. EMCO Software EMCO MSI Package Builder for Windows is a software tool for creating Windows...
The vulnerability of Microsoft Teams’ corporate platform for Android, which stems from insufficient validation of input data, allows a hacker to trigger an emergency shutdown of the application.
The vulnerability of Microsoft Teams’ corporate platform for Android exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause the application to crash remotely...
CVE-2022-25250
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to sh...