Lucene search
K

4196 matches found

CNVD
CNVD
added 2020/07/17 12:0 a.m.2 views

Soar Labs Soar Coin Security Vulnerability Exists

Soar Labs Soar Coin is an ethereum-based virtual cryptocurrency. A security vulnerability exists in the 'zerofeetransaction' function in Soar Labs Soar Coin git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f and previous versions. An attacker could exploit this vulnerability to steal Soar curren...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2020/07/14 12:0 a.m.3 views

c-lightning Security Vulnerabilities

A security vulnerability exists in c-lightning versions prior to 0.7.1 that stems from incorrect access control. A remote attacker could exploit the vulnerability by not paying or underpaying the total cash amount of a transaction...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2020/07/14 12:0 a.m.1 views

Lightning Network Daemon Security Vulnerability

A security vulnerability exists in Lightning Network Daemon lnd versions prior to 0.7 that stems from incorrect access control in the program. An attacker could exploit the vulnerability by not paying or underpaying the total cash amount of a transaction...

6.7AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/06 1:29 p.m.15 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services v2.1.1 is affected by a validation vulnerability (CVE-2019-4519)

Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user prevent audit log entries. Vulnerability...

0.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/06 12:50 p.m.17 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services v2.1.1 is affected by a validation vulnerability (CVE-2019-4518)

Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user to issue server commands or modify data in t...

1.3AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/06 11:53 a.m.17 views

Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential validation vulnerability (CVE-2019-4517)

Summary IBM Financial Transaction Manager for ACH Services FTM ACH for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Vulnerability Details CVEID: CVE-2019-451...

1.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/06 11:28 a.m.26 views

Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services (CVE-2020-2654)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Financial Transaction Manager for ACH Services. Financial Transaction Manager for ACH Services FTM ACH has addressed the applicable CVE.brIf you run your own Java code using the IBM Java Runtime delivered with th...

4.3CVSS2.3AI score0.03299EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2020/07/02 2:42 p.m.16 views

CVE-2020-12119

Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee RBF. It increases the user's balance with the value of an unconfirmed transaction as soon as it is received before the transaction is confirmed and does not decrease the balance when it is canceled. As a result, users are exposed t...

8.1AI score0.00493EPSS
Exploits0References1
NVD
NVD
added 2020/06/16 6:15 p.m.12 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5CVSS0.00846EPSS
Exploits0References1
Prion
Prion
added 2020/06/16 6:15 p.m.21 views

Design/Logic Flaw

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

4.3CVSS6.4AI score0.00846EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/06/16 5:7 p.m.16 views

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

6.5AI score0.00846EPSS
Exploits0References1
CVE
CVE
added 2020/06/16 5:7 p.m.45 views

CVE-2020-14199

The CVE-2020-14199 issue is a BIP-143 signing mishandling in the Bitcoin protocol that can mislead users into producing two signatures during Segwit transactions. Affected products are Trezor One firmware before 1.9.1 and Trezor Model T firmware before 2.3.1; these devices have firmware updates t...

6.5CVSS6.4AI score0.00846EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/06/15 6:44 p.m.1 views

GHSA-F3J5-RMMP-3FC5 Improper Input Validation in jackson-databind

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup...

9.8CVSS7.1AI score0.0459EPSS
Exploits0References23
Veracode
Veracode
added 2020/06/12 12:33 a.m.19 views

Denial Of Service (DoS)

indyplenum is vulnerable to Denial Of Service DoS. The vulnerability exists due to the lack of consensus while validating write transaction, causing unbounded retries upon failure...

7.5CVSS7.4AI score0.01731EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2020/06/11 8:15 p.m.9 views

CVE-2020-12023

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

4.5CVSS0.00486EPSS
Exploits0References3
OSV
OSV
added 2020/06/11 8:15 p.m.3 views

CVE-2020-12023

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

4.5CVSS5.8AI score0.00486EPSS
Exploits0References3
Prion
Prion
added 2020/06/11 8:15 p.m.13 views

Code injection

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

2.7CVSS4.8AI score0.00486EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/06/11 7:11 p.m.12 views

CVE-2020-12023 Philips IntelliBridge Enterprise IBE Insertion of Sensitive Information into Log File

Philips IntelliBridge Enterprise IBE, Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns VS4, EarlyVue VS30 and IntelliVue Guardian IGS. Unencrypted user credentials received in the IntelliBridge Enterprise IBE are logged within the transaction logs, which are...

2CVSS4.8AI score0.00486EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/06/11 12:0 a.m.3 views

PT-2020-12991 · Philips · Earlyvue +3

Name of the Vulnerable Software and Affected Versions: Philips IntelliBridge Enterprise IBE versions B.12 and prior Description: The issue concerns the logging of unencrypted user credentials within the transaction logs of the IntelliBridge Enterprise system. These logs are secured behind a...

4.5CVSS4.7AI score0.00486EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/06/04 5:26 p.m.2 views

bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...

7.5CVSS6.8AI score0.93422EPSS
Exploits5References5
Rows per page
Query Builder