Lucene search
+L

165 matches found

nvd
nvd
added 2022/02/07 1:15 p.m.17 views

CVE-2021-46359

FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks...

7.5CVSS0.01197EPSS
Exploits1References1
osv
osv
added 2022/02/07 1:15 p.m.11 views

CVE-2021-46359

FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks...

7.5CVSS7AI score
Exploits0References1
prion
prion
added 2022/02/07 1:15 p.m.17 views

Design/Logic Flaw

FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks...

5CVSS7.4AI score0.01197EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/02/07 12:47 p.m.49 views

CVE-2021-46359

CVE-2021-46359 affects FISCO-BCOS release-3.0.0-rc2. The issue is a denial-of-service vulnerability where some transactions may fail to commit, which could enable a double-spending scenario according to linked sources. The vulnerability is documented across multiple feeds (NVD/NVD-derived, CVE li...

7.5CVSS7.4AI score0.01197EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/02/07 12:47 p.m.20 views

CVE-2021-46359

FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks...

7.6AI score0.01197EPSS
Exploits1References1
code423n4
code423n4
added 2022/01/14 12:0 a.m.11 views

No check that _to and from are different addresses in outboundTransfer() function

Handle jayjonah8 Vulnerability details Impact In L1LPTGateway.sol the outboundTransfer function transfers the l1Token from the msg.sender to the l1LPTEscrow contract. It also takes in the to argument which is set in the outboundCalldata variable. This function does not check if the msg.sender and...

7.1AI score
Exploits0
code423n4
code423n4
added 2021/12/21 12:0 a.m.9 views

NFTXSimpleFeeDistributor._sendForReceiver doesn't return success if receiver is not a contract

Handle hyh Vulnerability details Impact Double spending of fees being distributed will happen in favor of the first fee receivers in the feeReceivers list at the expense of the last ones. As sendForReceiver doesn't return success for completed transfer when receiver isn't a contract, the...

6.8AI score
Exploits0
code423n4
code423n4
added 2021/10/30 12:0 a.m.8 views

Approved spender can spend too many tokens

Handle cmichel Vulnerability details The approve function has not been overridden and therefore uses the internal shares, whereas transferFrom uses the rebalanced amount. Impact The approved spender may spend more tokens than desired. In fact, the approved amount that can be transferred keeps...

6.9AI score
Exploits0
threatpost
threatpost
added 2021/09/03 4:15 p.m.45 views

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness

The coronavirus pandemic presented the perfect opportunity for security teams to evaluate the state of their incident-response process. In fact, it highlighted the dire need to implement a more structured, detailed and well-practiced plan to sufficiently support organizations when suffering a...

7.4AI score
Exploits0References2
github
github
added 2021/08/25 9:1 p.m.16 views

Miner fails to get block template when a cell used as a cell dep has been destroyed.

Impact The RPC getblocktemplate fails when a cell has been used as a cell dep and an input in the different transactions. Say cell C is used as a dep group in the transaction A, and is destroyed in the transaction B. The node adds transaction A first, then B into the transaction pool. They are bo...

0.6AI score
Exploits0References3Affected Software1
impervablog
impervablog
added 2021/06/24 4:32 p.m.47 views

Top five insights from the 2021 CyberEdge Cyberthreat Defense Report

For the last eight years, the Cyberthreat Defense Report has been helping enterprise security professionals gauge their internal practices and security investments against their peers across multiple countries and industries. The report is based upon data from 1,200 qualified IT security...

7AI score
Exploits0
coalfire
coalfire
added 2021/04/01 4:13 p.m.38 views

Closing the technical gap with resiliency pen testing

Organizations across all industries are watching and weighing the real impact and cost of security breaches as they look to budget security spending for 2021. While remote operations are becoming the norm, threat actors have no intention of slowing down their efforts. Instead, they are taking ful...

0.7AI score
Exploits0
akamaiblog
akamaiblog
added 2021/02/18 2:0 p.m.54 views

Can Edge Computing Exist Without the Edge? Part 3: The Economics of Edge Computing

Do the math. For the past decade, digital businesses have been investing in digital transformation initiatives. The promise is to increase top-line growth while maximizing customer lifetime value. As infrastructure improves, IT spending is shifting from the cloud to the edge. But while edge...

7.6AI score
Exploits0
akamaiblog
akamaiblog
added 2021/02/18 5:0 a.m.15 views

Can Edge Computing Exist Without the Edge? Part 3: The Economics of Edge Computing

Do the math. For the past decade, digital businesses have been investing in digital transformation initiatives. The promise is to increase top-line growth while maximizing customer lifetime value. As infrastructure improves, IT spending is shifting from the cloud to the edge. But while edge...

1.5AI score
Exploits0
nvd
nvd
added 2021/02/05 2:15 p.m.23 views

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

7.5CVSS0.01027EPSS
Exploits0References1
osv
osv
added 2021/02/05 2:15 p.m.6 views

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

7.5CVSS5.8AI score0.01027EPSS
Exploits0References1
prion
prion
added 2021/02/05 2:15 p.m.15 views

Design/Logic Flaw

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

5CVSS7.5AI score0.01027EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2021/02/05 2:15 p.m.2 views

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

7.5CVSS5.4AI score0.01027EPSS
Exploits0References2
cvelist
cvelist
added 2021/02/05 9:8 a.m.28 views

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

7.5AI score0.01027EPSS
Exploits0References1
cve
cve
added 2021/02/05 9:8 a.m.47 views

CVE-2020-8806

CVE-2020-8806 affects Electric Coin Company Zcashd (before 2.1.1-1). The root cause is improper enforcement of timestamp requirements on block headers, which could cause a valid chain to be rejected, enabling consensus failure and potential double spending. A fix is available in 2.1.1-1 (and hotf...

7.5CVSS7.5AI score0.01027EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder