
25 matches found

The Hacker News
added 2025/12/05 2:10 p.m. · 13 views

Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge. The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remot...

CVSS 10 · AI score 9.5 · EPSS 0.99562
Exploits 391

NVD
added 2023/12/19 3:15 a.m. · 14 views

CVE-2019-25157

A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product do...

CVSS 4.3 · EPSS 0.00678
Exploits 1 · References 4

OSV
added 2023/12/19 3:15 a.m. · 19 views

CVE-2019-25157

A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product do...

CVSS 4.3 · AI score 6.8
Exploits 0 · References 4

Prion
added 2023/12/19 3:15 a.m. · 16 views

Improper access control

A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product do...

CVSS 4 · AI score 7 · EPSS 0.00678
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2023/12/19 2:0 a.m. · 22 views

CVE-2019-25157 Ethex Contracts Monthly Jackpot EthexJackpot.sol access control

A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product do...

CVSS 4.3 · AI score 4.6 · EPSS 0.00678
Exploits 1 · References 4

CVE
added 2023/12/19 2:0 a.m. · 34 views

CVE-2019-25157

The CVE-2019-25157 issue affects Ethex Contracts, specifically the EthexJackpot.sol file within the Monthly Jackpot Handler. The vulnerability results from improper access controls in an unknown portion of the contract and can be triggered remotely. A patch is available (6b8664b698d3d953e16c284fa...

CVSS 4.3 · AI score 4.6 · EPSS 0.00678
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2023/12/18 12:0 a.m. · 4 views

PT-2023-11382 · Unknown · Ethex Contracts

Name of the Vulnerable Software and Affected Versions: Ethex Contracts affected versions not specified Description: A critical issue has been found in Ethex Contracts, affecting an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. This issue leads to improper...

CVSS 4.3 · AI score 7.2 · EPSS 0.00678
Exploits 1 · References 8

CNNVD
added 2023/12/18 12:0 a.m. · 4 views

Ethex Access Control Error Vulnerability

Ethex is an ethereum smart contract lottery game from the Ethex team. Ethex suffers from an Access Control Error vulnerability that stems from the fact that the file EthexJackpot.sol can lead to incorrect access control...

CVSS 4.3 · AI score 6.8 · EPSS 0.00678
Exploits 1 · References 2

Code423n4
added 2023/03/14 12:0 a.m. · 10 views

Upgraded Q -> 2 from #345 [1678798679676]

Judge has assessed an item in Issue 345 as 2 risk. The relevant finding follows: Issue 2 - Undermining the fairness of the protocol in swapSource and possibilities for stealing a jackpot

AI score 6.9
Exploits 0

Code423n4
added 2023/03/09 12:0 a.m. · 11 views

No sanity check on drawCoolDownPeriod can lead to frontrun attacks on jackpot prize

Lines of code Vulnerability details Impact During the construction of the LotterySetup, there is no sanity check on drawCoolDownPeriod. If it's set to zero, then there will be no cool down period, players can buy the lottery tickets at any time until the draw. Once lottery setup is complete with...

AI score 6.7
Exploits 0

Code423n4
added 2023/03/09 12:0 a.m. · 10 views

expected outgoing rewards for non-jackpot tiers are not normalized

Lines of code Vulnerability details Impact When calculating new profit, the calculation for non-jackpot rewards are not normalized and will be largely overestimated, due to the additional percentage scaling. This will lead to the excess pot for participants being much lower and hence failing to...

AI score 6.7
Exploits 0

Code423n4
added 2023/03/09 12:0 a.m. · 16 views

Validator/miner can set Block timestamp to a draw scheduled date and buy winning ticket if drawCoolDownPeriod is set to zero

Lines of code Vulnerability details Impact Validators/Miners would always be able to get the Jackpot prize, compromising the protocol. Proof of Concept The following foundry test illustrates this behaviour. Essentially, if the cooldown period time before a draw during which it is not possible to...

AI score 6.7
Exploits 0

Code423n4
added 2023/03/09 12:0 a.m. · 9 views

Lottery owner can rig the draw to win the jackpot by swapping the source

Lines of code Vulnerability details Lottery owner can rig the draw to win the jackpot by swapping the source Impact The lottery owner has the ability to swap the Random Source under certain circumstances, and this can be exploited to set a new source contract that returns any number set by it. Thi...

AI score 6.8
Exploits 0

Openbugbounty
added 2021/11/03 4:0 a.m. · 13 views

jackpotpredictions.co.zm Improper Access Control vulnerability OBB-2227937

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.6
Exploits 0

Openbugbounty
added 2016/06/28 10:11 a.m. · 9 views

web.jackpot.de XSS vulnerability

Vulnerable URL:...

AI score 6.3
Exploits 0

hackapp
added 2016/04/01 9:52 a.m. · 24 views

Slots Jackpot™ - Best casino - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Slots Jackpot™ - Best casino published at the 'play' market has multiple vulnerabilities...

AI score 0.6
Exploits 0 · References 1 · Affected Software 1

hackapp
added 2016/04/01 9:52 a.m. · 14 views

Jackpot Gems - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Jackpot Gems published at the 'play' market has multiple vulnerabilities...

AI score 0.6
Exploits 0 · References 1 · Affected Software 1

hackapp
added 2016/04/01 9:52 a.m. · 11 views

Slots™ Jackpot - Slot Machines - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Slots™ Jackpot - Slot Machines published at the 'play' market has multiple vulnerabilities...

AI score 0.2
Exploits 0 · References 1 · Affected Software 1

hackapp
added 2016/04/01 9:52 a.m. · 15 views

Las Vegas Casino Jackpot Slots - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Las Vegas Casino Jackpot Slots published at the 'play' market has multiple vulnerabilities...

AI score 1.5
Exploits 0 · References 1 · Affected Software 1

hackapp
added 2016/04/01 9:52 a.m. · 13 views

Jackpot - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Jackpot published at the 'play' market has multiple vulnerabilities...

AI score 0.5
Exploits 0 · References 1 · Affected Software 1