77 matches found
CVE-2018-19156
PIVX through 3.1.03 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
CVE-2018-19161
alqo through 4.1 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
CVE-2018-19157
Phore through 1.3.3.1 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Code injection
lux through 5.2.2 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Code injection
CloakCoin through 2.2.2.0 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Code injection
Diamond through 3.0.1.2 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Design/Logic Flaw
alqo through 4.1 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
The vulnerability of the software-hardware protection system VipNet Coordinator, which allows a perpetrator to trigger a service failure.
The vulnerability of the VipNet Coordinator HW software architecture related to information protection is linked to memory overflow in the hard drive. Exploiting this vulnerability allows a malicious actor to disrupt the MFTP protocol-based information exchange between all nodes of the ViPNet...
ALPINE-CVE-2018-19158
ColossusCoinXT through 1.0.5 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
Stenographer - A Packet Capture Solution Which Aims To Quickly Spool All Packets To Disk, Then Provide Simple, Fast Access To Subsets Of Those Packets
Stenographer is a full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes. It provides a high-performance implementation of NIC-to-disk packet writing, handles deleting those files as disk fills up, and provides methods for reading back...
Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15883)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "Generate Diagnostics" method in Quest DR Series disk backup software versions prior to 4.0.3.1. The vulnerability can be exploited to execute arbitrary system commands via a special...
Western Digital SanDisk Secure Access Information Disclosure Vulnerability
Western Digital SanDisk Secure Access is a set of file encryption software for SanDisk storage devices from Western Digital. A security vulnerability exists in Western Digital SanDisk Secure Access version 3.01, which originates when the program retains temporary files on disk in plaintext. An...
Cloud WAF Versus On-Premises WAF
“The Times They Are a Changin’”, Bob Dylan knew it in 1964 and what was true then is even move true today. There continues to be ongoing debate on web application firewalls WAFs, specifically which is better for the enterprise—on-premises solutions or those in the ever-changing cloud. When...
CVE-2017-5655
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host...
vdsm: Users attempting a live storage migration create snapshot without snapshot creation permissions
It was discovered that the permissions to allow or deny snapshot creation were ignored during live storage migration of a VM's disk between storage domains. An attacker able to live migrate a disk between storage domains could use this flaw to cause a denial of service...
Zend平台多个远程漏洞
Zend Platform是企业级PHP应用的运行时平台环境。 Zend平台所捆绑的会话集群系统中存在多个漏洞,可能导致会话集群守护程序崩溃,会话函数无法工作,被攻击的节点拒绝服务。如果创建了特制的会话ID的话,攻击者还可以在会话集群守护程序的环境中或modcluster模块中执行任意代码。...
BEA Weblogic cleartext passwords
Passwords are stored on disk in cleartext...