CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3386 matches found

RedHat Linux•added 2023/03/22 10:20 a.m.•3 views

Mozilla: Potential out-of-bounds when accessing throttled streams

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable...

6.5CVSS7.3AI score0.0061EPSS

Exploits0References6

OSV•added 2023/03/22 12:15 a.m.•3 views

CVE-2023-28725

General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...

9.1CVSS6.2AI score0.20614EPSS

Exploits1References7

NVD•added 2023/03/22 12:15 a.m.•10 views

CVE-2023-28725

9.1CVSS9.4AI score0.20614EPSS

Exploits1References7

Prion•added 2023/03/22 12:15 a.m.•16 views

Code injection

6.4CVSS9.3AI score0.20614EPSS

Exploits1References7Affected Software1

HackRead•added 2023/03/21 1:36 p.m.•17 views

Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft

By Habiba Rashid The company has disclosed the wallet addresses and three IP addresses used by the attacker in the hack. This is a post from HackRead.com Read the original post: Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft...

6.7AI score

Exploits0

RedHat Linux•added 2023/03/21 8:20 a.m.•4 views

Mozilla: Potential out-of-bounds when accessing throttled streams

6.5CVSS7.3AI score0.0061EPSS

Exploits0References6

The Hacker News•added 2023/03/21 6:55 a.m.•41 views

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload...

7.1AI score

Exploits0

The Hacker News•added 2023/03/21 6:55 a.m.•3 views

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

7.3AI score

Exploits0

Positive Technologies•added 2023/03/21 12:0 a.m.•4 views

PT-2023-21922 · General Bytes · General Bytes Crypto Application Server

Name of the Vulnerable Software and Affected Versions: General Bytes Crypto Application Server CAS versions prior to 20221118.48 General Bytes Crypto Application Server CAS versions prior to 20230120.44 Description: The issue allows remote attackers to execute arbitrary Java code by uploading a...

9.1CVSS9.6AI score0.20614EPSS

Exploits1References11

VulnCheck KEV•added 2023/03/21 12:0 a.m.•2 views

VulnCheck KEV: CVE-2023-28725

9.1CVSS7.6AI score0.20614EPSS

Exploits1References1

CNNVD•added 2023/03/21 12:0 a.m.•4 views

General Bytes Crypto Application Server 代码问题漏洞

General Bytes Crypto Application Server is a General Bytes company that provides powerful and simple browser-based administration. A security vulnerability exists in General Bytes Crypto Application Server CAS version 20230120. An attacker can exploit this vulnerability to execute arbitrary Java...

9.1CVSS8.7AI score0.20614EPSS

Exploits1References9

Vulnrichment•added 2023/03/21 12:0 a.m.•9 views

CVE-2023-28725

9.4AI score0.20614EPSS

Exploits1References7

Cvelist•added 2023/03/21 12:0 a.m.•15 views

CVE-2023-28725

9.5AI score0.20614EPSS

Exploits1References7

CVE•added 2023/03/21 12:0 a.m.•65 views

CVE-2023-28725

CVE-2023-28725 affects General Bytes Crypto Application Server (CAS) versions 20230120 (distributed with BATM devices). The vulnerability allows an unauthenticated remote attacker to execute arbitrary Java code by uploading a Java app to the "/batm/app/admin/standalone/deployments" directory, due...

9.1CVSS9.3AI score0.20614EPSS

Exploits1References7Affected Software1

RedHat Linux•added 2023/03/20 9:39 a.m.•3 views

Mozilla: Potential out-of-bounds when accessing throttled streams

6.5CVSS7.3AI score0.0061EPSS

Exploits0References6

RedHat Linux•added 2023/03/20 9:38 a.m.•2 views

Mozilla: Potential out-of-bounds when accessing throttled streams

6.5CVSS7.3AI score0.0061EPSS

Exploits0References6

RedHat Linux•added 2023/03/20 9:38 a.m.•2 views

Mozilla: Potential out-of-bounds when accessing throttled streams

6.5CVSS7.3AI score0.0061EPSS

Exploits0References6

SUSE CVE•added 2023/03/15 3:33 a.m.•1 views

SUSE CVE-2023-25752

When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

6.5CVSS6.6AI score0.0061EPSS

Exploits0References8

Code423n4•added 2023/03/15 12:0 a.m.•17 views

Malicious users can claim BYTES rewards after withdrawing all of their LP stake

Lines of code Vulnerability details Impact Users are able to continue claiming BYTES rewards indefinitely on their initials points after withdrawing all of their LP stake. Proof of Concept A user can withdraw all of their LP staked tokens in multiple steps with an amount 1e16. If the amount is...

6.7AI score

Exploits0

OSV•added 2023/03/15 12:0 a.m.•0 views

UBUNTU-CVE-2023-25752

6.5CVSS7.2AI score0.0061EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by