1025 matches found
PT-2018-5358 · Ethereum · Cpp-Ethereum
Name of the Vulnerable Software and Affected Versions: cpp-ethereum version affected versions not specified Description: An improper authorization issue exists in the miner start API endpoint of cpp-ethereum's JSON-RPC. This allows a JSON request to access restricted functionality, resulting in...
Fedora 27 : qpid-cpp (2017-f76bf63612)
Rebuilt against qpid- Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...
Fedora Update for qpid-cpp FEDORA-2017-14f5c6cdac
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qpid-cpp FEDORA-2017-7bac3ba7c3
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 27 Update: qpid-cpp-1.37.0-1.fc27
Run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol...
[SECURITY] Fedora 26 Update: qpid-cpp-1.37.0-1.fc26
Run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol...
CPP-Ethereum JSON-RPC Incorrect Authorization Vulnerability
CPP-Ethereum is a C++ client for Ethereum Application Programming Platform.JSON-RPC is one of the remote invocation services using JSON as the protocol. An incorrect authorization vulnerability exists in the adminnodeInfo API for JSON-RPC in CPP-Ethereum commit version...
CPP-Ethereum JSON-RPC Denial Of Service Vulnerabilities(CVE-2017-12119)
Summary An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum's JSON-RPC. Specially crafted JSON requests can cause a unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability. Tested Versions Ethereum...
CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability(CVE-2017-12113)
Summary An exploitable improper authorization vulnerability exists in adminnodeInfo API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
CPP-Ethereum JSON-RPC miner_start improper authorization Vulnerability(CVE-2017-12117)
Summary An exploitable improper authorization vulnerability exists in minerstart API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...
CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability(CVE-2017-12114)
Summary An exploitable improper authorization vulnerability exists in adminpeers API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...
CPP-Ethereum JSON-RPC admin_addPeer Authorization Bypass Vulnerability(CVE-2017-12112)
Summary An exploitable improper authorization vulnerability exists in adminaddPeer API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
CPP-Ethereum JSON-RPC Incorrect Authorization Vulnerability (CNVD-2018-02798)
CPP-Ethereum is a C++ client for Ethereum Application Programming Platform.JSON-RPC is one of the remote invocation services using JSON as the protocol. An incorrect authorization vulnerability exists in the minersetGasPrice API for JSON-RPC in the CPP-Ethereum commit...
CPP-Ethereum libevm Information Disclosure Vulnerability
CPP-Ethereum is a C++ client for Ethereum Application Programming Platform. libevm is one of the Ethereum virtual machine libraries. An information disclosure vulnerability exists in create2 of libevm in CPP-Ethereum commit version 4e1015743b95821849d001618a7ce82c7c073768. An attacker could explo...
CPP-Ethereum JSON-RPC Denial of Service Vulnerability
CPP-Ethereum is a C++ client for Ethereum Application Programming Platform.JSON-RPC is one of the remote invocation services using JSON as the protocol.APIs are the interfaces. A denial of service vulnerability exists in the APIs for JSON-RPC in CPP-Ethereum commit version...
CPP-Ethereum libevm create2 Information Leak Vulnerability(CVE-2017-14457)
Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...
CPP-Ethereum JSON-RPC miner_setGasPrice improper authorization Vulnerability(CVE-2017-12116)
Summary An exploitable improper authorization vulnerability exists in minersetGasPrice API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability(CVE-2017-12115)
Summary An exploitable improper authorization vulnerability exists in minersetEtherbase API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON t...
CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability(CVE-2017-12118)
Summary An exploitable improper authorization vulnerability exists in minerstop API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigge...
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity Ethereum Client
Vulnerabilities discovered by Marcin Noga of Cisco Talos. Overview Talos is disclosing the presence of multiple vulnerabilities in the CPP and the Parity Ethereum clients. TALOS-2017-0503 / CVE-2017-14457 describes a denial of service vulnerability and potential memory leak in libevm. The functio...