66 matches found
EUVD-2018-6750
Malware in sbrugna...
EUVD-2024-51845
Malicious code in bioql PyPI...
CVE-2022-39389
Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...
CVE-2021-47365
In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak There's a loop in afsextendwriteback that adds extra pages to a write we want to make to improve the efficiency of the writeback by making it larger. This loop stops, however, if we hit a page we can't write ba...
CVE-2022-39389
Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...
Design/Logic Flaw
Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...
CVE-2022-39389 Witness Block Parsing DoS Vulnerability in lnd
Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...
DuplicateDump - Dumping LSASS With A Duplicated Handle From Custom LSA Plugin
DuplicateDump is a fork of MirrorDump with following modifications: DInovke implementation LSA plugin DLL written in C++ which could be clean up after dumping LSASS. MirrorDump compile LSA plugin as .NET assembly which would not be unloaded by LSASS process. That's why MirrorDump failed to delete...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-002)
The version of kernel installed on the remote host is prior to 5.4.110-54.182. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-002 advisory. 2024-09-12: CVE-2021-4442 was added to this advisory. An issue was discovered in the Linux kernel...
Mozilla Rust has an unspecified vulnerability (CNVD-2022-03123)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust prior to ckb crate 0.40.0, which stems from a failed getblocktemplate RPC call. No details of the vulnerability are currently available...
CVE-2021-45698
An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...
CVE-2021-45698
An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...
Monero: RPC call crashes node
Summary: Passing a large list of amounts to the getoutputdistribution call crashes a remote node, after maybe 90 seconds of keeping it busy. Releases Affected: Probably all Steps To Reproduce: values=echo $seq 0 500 900000|sed -e 's/ /,/g' ; curl http://127.0.0.1:38081/jsonrpc -d...
Default credentials
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password...
CVE-2018-20586
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call...
CVE-2018-20586
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call...
Code injection
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call...
CVE-2018-20586
Removed by vendor...
CVE-2018-20586
CVE-2018-20586 affects bitcoind and Bitcoin-Qt prior to 0.17.1, where an RPC call can inject arbitrary data into the debug log. Affected component: Bitcoin Core’s RPC/debug logging. Root cause: ability to write arbitrary data via RPC into logs. Impact: log contents could be polluted with attacker...
CVE-2019-2308
User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,...