Lucene search
K

60 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16144

Malicious code in bioql PyPI...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/07/28 7:57 p.m.3 views

GO-2025-3791 Babylon vulnerable to chain half when transaction has fees different than `ubbn` in github.com/babylonlabs-io/babylon

Babylon vulnerable to chain half when transaction has fees different than ubbn in github.com/babylonlabs-io/babylon...

7AI score
Exploits0References3
OSV
OSV
added 2025/07/28 7:57 p.m.4 views

GO-2025-3801 Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon

Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon...

7AI score
Exploits0References4
Veracode
Veracode
added 2025/07/10 5:42 a.m.7 views

Denial Of Service (DoS)

github.com/babylonlabs-io/babylon is vulnerable to Denial Of Service DoS. The vulnerability is due to sending a message that modifies the validator set exactly at the epoch boundary, which allows an attacker to halt the blockchain by disrupting consensus progression...

6.9AI score
Exploits0
Veracode
Veracode
added 2025/07/02 4:32 a.m.5 views

Denial Of Service (DoS)

github.com/babylonlabs-io/babylon is vulnerable to Denial Of Service DoS. The vulnerability is due to the acceptance of transaction fees in denominations other than the native Babylon genesis denom ubbn, which allows an attacker to halt the blockchain by submitting such transactions...

7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/06/30 5:54 p.m.4 views

Babylon vulnerable to chain half when transaction has fees different than `ubbn`

Summary Sending transactions with fees different than native Babylon genesis denom ubbn leads to chain halt. Impact Denial of Service - Due to panic in the x/distribution module BeginBlocker triggered by a error when sending fees from feeCollector to x/distribution module -...

7AI score
Exploits0References4Affected Software2
OSV
OSV
added 2025/06/30 5:54 p.m.2 views

GHSA-56J4-446M-QRF6 Babylon vulnerable to chain half when transaction has fees different than `ubbn`

Summary Sending transactions with fees different than native Babylon genesis denom ubbn leads to chain halt. Impact Denial of Service - Due to panic in the x/distribution module BeginBlocker triggered by a error when sending fees from feeCollector to x/distribution module -...

8.7CVSS7AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.2 views

PT-2025-29193 · Go · Github.Com/Babylonlabs-Io/Babylon +1

Summary Sending transactions with fees different than native Babylon genesis denom ubbn leads to chain halt. Impact Denial of Service - Due to panic in the x/distribution module BeginBlocker triggered by a error when sending fees from feeCollector to x/distribution module -...

8.7CVSS7.1AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 2:31 a.m.9 views

CVE-2010-5225

Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file. NOTE: some of these details are obtained from third party information...

6.9CVSS6.9AI score0.00347EPSS
Exploits0References1
Veracode
Veracode
added 2025/05/19 4:15 p.m.3 views

Denial Of Service (DoS)

github.com/babylonlabs-io/babylon is vulnerable to Denial Of Service DoS. The vulnerability is due to an integer overflow due to depositing a large amount of tokens into the validator rewards pool, which triggers a panic in cumulative reward ratio calculation during the EndBlocker execution...

7.2AI score
Exploits0
OSV
OSV
added 2025/05/15 8:0 p.m.6 views

GO-2025-3686 Babylon Finality Provider `MsgCommitPubRandList` replay attack in github.com/babylonlabs-io/babylon

Babylon Finality Provider MsgCommitPubRandList replay attack in github.com/babylonlabs-io/babylon...

7.1AI score
Exploits0References1
OSV
OSV
added 2025/05/15 8:0 p.m.4 views

GO-2025-3687 Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt in github.com/babylonlabs-io/babylon

Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt in github.com/babylonlabs-io/babylon...

7.1AI score
Exploits0References1
Snyk
Snyk
added 2025/05/15 2:5 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the EndBlocker process. An attacker can cause the system to halt by triggering an integer overflow during the cumulative reward ratio calculation. Remediation Upgrade...

8.2CVSS7.2AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/05/15 2:5 p.m.7 views

Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt

Summary Minting large amount of tokens through ibc transfer and then depositing them in validator rewards pool via DepositValidatorRewardsPool message can lead to integer overflow panic when calculating cumulativerewardratio for the validator. This calculation happens in x/epoching module...

7.4AI score
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/05/15 2:5 p.m.2 views

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation due to insufficient validation in the MsgCommitPubRandList handler, combined with a lack of domain separation in signed messages. An attacker can store an invalid PubRand commitment by crafting the message parameters ...

8.9CVSS6.9AI score
Exploits0References3
OSV
OSV
added 2025/05/15 2:5 p.m.6 views

GHSA-7MM3-VFG8-7RG6 Babylon Finality Provider `MsgCommitPubRandList` replay attack

Summary A high vulnerability exists in the Babylon protocol's x/finality module due to a lack of domain separation in signed messages, combined with insufficient validation in the MsgCommitPubRandList handler. Specifically, the handler does not enforce that the submitted Commitment field is 32...

8.9CVSS7.2AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/05/15 2:5 p.m.8 views

Babylon Finality Provider `MsgCommitPubRandList` replay attack

Summary A high vulnerability exists in the Babylon protocol's x/finality module due to a lack of domain separation in signed messages, combined with insufficient validation in the MsgCommitPubRandList handler. Specifically, the handler does not enforce that the submitted Commitment field is 32...

7.2AI score
Exploits0References4Affected Software1
Malwarebytes
Malwarebytes
added 2020/06/15 3:30 p.m.25 views

A week in security (June 8 – 14)

Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list of considerations for MSPs when looking for an RMM platform; the complaint faced by ParetoLogic, the company that issues SpeedyPC, a product that claims to find and remove various PC...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/05/27 2:16 p.m.9 views

search.babylon.com XSS vulnerability

Open Bug Bounty ID: OBB-622953 Description| Value ---|--- Affected Website:| search.babylon.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2017/07/15 9:37 a.m.11 views

search.babylon.com XSS vulnerability

Vulnerable URL: http://search.babylon.com/imageres.php?iu=http://%22%3E%3Cimg%20src=x%20onerror=prompt%27OPENBUGBOUNTY%27;%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown...

6.3AI score
Exploits0
Rows per page
Query Builder