Lucene search
K

101 matches found

HackRead
HackRead
added 2023/07/25 3:47 p.m.13 views

Groundbreaking Integration: Stellar Cyber Safeguards OT Environments Alongside IT

By Waqas Stellar Cyber, a cybersecurity company that specializes in providing an Open XDR Extended Detection and Response platform, has… This is a post from HackRead.com Read the original post: Groundbreaking Integration: Stellar Cyber Safeguards OT Environments Alongside IT...

6.9AI score
Exploits0
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.5 views

WordPress Stellar Places Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Stellar Places Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 7cb29a8636b0 Credits Rafie Muhammad Patchstack Required...

6.1AI score0.00284EPSS
Exploits0References3Affected Software1
HackRead
HackRead
added 2023/03/15 6:16 p.m.13 views

Stellar Cyber Launches InterSTELLAR Partner Program for Open XDR Solutions

By Owais Sultan Stellar Cyber, the company that recently made headlines as one of the "10 Hot XDR Security Companies You… This is a post from HackRead.com Read the original post: Stellar Cyber Launches InterSTELLAR Partner Program for Open XDR Solutions...

2.7AI score
Exploits0
HackRead
HackRead
added 2022/09/01 12:30 p.m.16 views

Stellar Repair for Access – Software Review

By Owais Sultan If your MS Access database is corrupted or is in an inconsistent state, you can use the Compact… This is a post from HackRead.com Read the original post: Stellar Repair for Access – Software Review...

3.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/30 12:30 p.m.28 views

Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs

As threat complexity increases and the boundaries of an organization have all but disappeared, security teams are more challenged than ever to deliver consistent security outcomes. One company aiming to help security teams meet this challenge is Stellar Cyber. Stellar Cyber claims to address the...

6.7AI score
Exploits0
HackRead
HackRead
added 2022/08/22 1:0 p.m.15 views

Barmak Meftah Joins Stellar Cyber, Innovator of Open XDR, as Board Advisor

By Waqas Barmak Meftah is joining the innovator of Open XDR, Stellar Cyber in a new advisory role. What does… This is a post from HackRead.com Read the original post: Barmak Meftah Joins Stellar Cyber, Innovator of Open XDR, as Board Advisor...

2.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/07/01 7:44 p.m.10 views

stellar.io Cross Site Scripting vulnerability OBB-2705649

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNVD
CNVD
added 2021/07/06 12:0 a.m.4 views

js-stellar-sdk authorization issue vulnerability

js-stellar-sdk is an application. A Javascript library for communicating with the Stellar Horizon server. A security vulnerability exists in Js-stellar-sdk versions prior to 8.2.3, which stems from the program's "Utils.readChallengeTx" function not verifying that the server has signed the...

6.5CVSS6.6AI score0.00514EPSS
Exploits0References1
Veracode
Veracode
added 2021/07/05 6:45 a.m.16 views

Insecure Signature Verification

stellar-sdk uses insecure signature verification.The function Utils.readChallengeTx fails to verify that the transactions are signed by serverAccountID, allowing invalid challenge transactions as valid ones...

6.5CVSS3.4AI score0.00514EPSS
Exploits0References3Affected Software1
Node.js
Node.js
added 2021/07/02 7:21 p.m.82 views

Improper Authentication

Overview The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server ha...

4CVSS2AI score0.00514EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2021/07/02 7:20 p.m.7 views

@1llet.xyz/erc4337-gasless-sdk (>=0.4.10 <=0.4.73), @adebaraayomide/synchro_sdk (>=0.0.3 <=0.1.0-synchro-sdk) +209 more potentially affected by CVE-2021-32738 via stellar-sdk (>=0.10.0 <=7.0.0)

stellar-sdk NPM version =0.10.0, =0.4.10, =0.0.3, =3.8.0, =1.0.0, =0.7.0, =1.0.0, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =2.0.73-alpha.212 and more Source cves: CVE-2021-32738 Source advisory:...

6.5CVSS6.5AI score0.00514EPSS
Exploits0
OSV
OSV
added 2021/07/02 7:20 p.m.17 views

GHSA-6CGH-HJPW-Q3GQ Utils.readChallengeTx does not verify the server account signature

The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server has signed...

6.5CVSS6.3AI score0.00514EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/07/02 7:20 p.m.83 views

Utils.readChallengeTx does not verify the server account signature

The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server has signed...

6.5CVSS2.2AI score0.00514EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/07/02 7:15 p.m.18 views

CVE-2021-32738

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

6.5CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2021/07/02 7:15 p.m.47 views

CVE-2021-32738

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

6.5CVSS0.00514EPSS
Exploits0References2
Prion
Prion
added 2021/07/02 7:15 p.m.12 views

Design/Logic Flaw

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

4CVSS6.5AI score0.00514EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/07/02 6:15 p.m.109 views

CVE-2021-32738

CVE-2021-32738 affects the js-stellar-sdk library used to interact with Stellar Horizon. The vulnerability lies in Utils.readChallengeTx, which, before version 8.2.3, did not verify that the server signature was present on the challenge transaction; however, signature verification via Utils.verif...

6.5CVSS6.4AI score0.00514EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/02 6:15 p.m.36 views

CVE-2021-32738 Utils.readChallengeTx does not verify the server account signature

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

6.5CVSS6.7AI score0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.5 views

js-stellar-sdk 数据伪造问题漏洞

js-stellar-sdk is an application. A Javascript library for communicating with the Stellar Horizon server. A security vulnerability exists in Js-stellar-sdk versions prior to 8.2.3, which stems from the program's "Utils.readChallengeTx" function not verifying that the server has signed the...

6.5CVSS5.6AI score0.00514EPSS
Exploits0References3
HackRead
HackRead
added 2021/05/05 3:13 p.m.31 views

Software Review: Stellar Repair for Exchange

By Owais Sultan When disaster strikes in the Exchange server, you must have a contingency plan in place to recover from it quickly. This is a post from HackRead.com Read the original post: Software Review: Stellar Repair for Exchange...

3AI score
Exploits0
Rows per page
Query Builder