651 matches found
CVE-2026-46937
Vulnerability in the Oracle iSetup product of Oracle E-Business Suite component: General Ledger Update Transform, Reports. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2026-46893
Vulnerability in the JD Edwards EnterpriseOne General Ledger product of Oracle JD Edwards component: E1 Foundation. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise JD Edwards EnterpriseOne...
Vulnerabilities in Oracle JD Edwards EnterpriseOne
Oracle has identified several vulnerabilities in Oracle JD Edwards EnterpriseOne, including the modules Tools, Accounts Payable, Human Resources Management, General Ledger, Order Promising, and Project Costing, specifically for versions 9.2.0.0 to 9.2.26.2. These vulnerabilities enable attackers ...
PT-2026-50040
Name of the Vulnerable Software and Affected Versions Oracle iSetup versions 12.2.3 through 12.2.15 Description An issue exists in the General Ledger Update Transform, Reports component of the Oracle iSetup product within Oracle E-Business Suite. A low privileged attacker with network access via...
PT-2026-50000
Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne General Ledger version 9.2 Description A flaw in the E1 Foundation component allows a low-privileged attacker with network access via SMB Server Message Block, a network file sharing protocol to compromise the...
Fake ChatGPT download site infects Windows and Mac users with malware
A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openew.app, closely mimics OpenAI’s real ChatGPT download experience and offe...
CVE-2023-7346
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346 Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
EUVD-2023-60577
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2023-7346
Technical details (affected versions, exploit methods, mitigations) are not publicly provided in the supplied documents. Monitor for updates from official sources.
EUVD-2023-60576
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...
Ledger Bitcoin app 安全漏洞
The Ledger Bitcoin app is an open-source application developed by Ledger, which runs on the Ledger hardware wallet. There are security vulnerabilities in the 2.1.0 and 2.1.1 versions of the Ledger Bitcoin app. These vulnerabilities stem from improper handling of miniscripts containing the ‘a’...
PT-2026-42182
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies...
CVE-2025-15645
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2023-7345
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...
CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...
CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...
CVE-2023-7345
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...