32 matches found
CVE-2022-31006
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...
Magma has an unspecified vulnerability
is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. A security vulnerability exists in Magma version 1.8.0, which can be exploited by an attacker to compromise an MME using an unauthenticated cell...
Magma Stack Overflow Vulnerability
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a stack overflow vulnerability that can be exploited by an attacker to trigger a denial of service DoS via a crafted NAS packet...
Magma Buffer Overflow Vulnerability
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a denial of service DoS via a crafted N...
Magma null pointer dereference vulnerability (CNVD-2025-15065)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma null pointer dereference vulnerability (CNVD-2025-02445)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma null pointer dereference vulnerability (CNVD-2025-15068)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma buffer overflow vulnerability (CNVD-2025-02449)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a denial of service DoS via a crafted N...
ASA-2024-005: Potential slashing evasion during re-delegation
ASA-2024-005: Potential slashing evasion during re-delegation Component: Cosmos SDK Criticality: Low Affected Versions: Cosmos SDK versions = 0.50.4; = 0.47.9 Affected Users: Chain developers, Validator and Node operators Impact: Slashing Evasion Summary An issue was identified in the slashing...
Vulnerable SDK components lead to supply chain risks in IoT and OT environments
December 8, 2022 update - Reflected additional research on Boa-related CVEs and updated supply chain diagram. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External...
GHSA-X996-7QH9-7FF7 Hyperledger indy-node vulnerable to denial of service
Impact An attacker can max out the number of client connections allowed by the ledger that was deployed using guidance provided in the indy-node repository, leaving the ledger unable to be used for its intended purpose. The ledger content will not be impacted by the attack, and the ledger will...
CVE-2022-31006
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...
CVE-2022-31006 Hyperledger Indy DOS vulnerability
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...
PT-2022-20453 · Indy Node · Indy Node
Name of the Vulnerable Software and Affected Versions: indy-node affected versions not specified Description: The issue allows an attacker to max out the number of client connections allowed by the ledger, leaving it unable to be used for its intended purpose. However, the ledger content will not...
GHSA-R6V9-P59M-GJ2P Indy's NODE_UPGRADE transaction vulnerable to remote code execution
Impact The pool-upgrade request handler in Indy-Node =1.12.5 as soon as possible. Patches The pool-upgrade request handler in Indy-Node =1.12.5 has been updated to properly authenticate pool-upgrade transactions before any processing is performed by the request handler. The transactions are furth...
Indy's NODE_UPGRADE transaction vulnerable to remote code execution
Impact The pool-upgrade request handler in Indy-Node =1.12.5 as soon as possible. Patches The pool-upgrade request handler in Indy-Node =1.12.5 has been updated to properly authenticate pool-upgrade transactions before any processing is performed by the request handler. The transactions are furth...
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...
Attacks on Ukraine communications are a major part of the war
Since the start of the Russian invasion of Ukraine, the war on the battlefield has been accompanied by cyber attacks. Those attacks against critical infrastructure have knocked out banking and defense platforms, mostly by targeting several communication systems. In a timeline set up by NetBlocks,...
NSA-CISA Series on Securing 5G Cloud Infrastructures
The National Security Agency NSA and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement provides recommendations for mitigating lateral movement attempts ...