Lucene search
K

101 matches found

OSV
OSV
added 2019/09/30 12:15 a.m.4 views

CVE-2019-16992

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...

7.5CVSS7.1AI score0.00938EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/09/29 11:52 p.m.21 views

CVE-2019-16992

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...

7.3AI score0.00938EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2019/01/29 12:2 p.m.2 views

How to Recover Lost or Deleted Files?

Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any back...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2019/01/29 12:2 p.m.102 views

How to Recover Lost or Deleted Files?

Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any back...

Exploits0
Hacker One
Hacker One
added 2018/03/26 10:10 p.m.42 views

Stellar.org: Exploitable vulnerability in SDEX

Hi, Last Thursday I discovered the exploitable vulnerability in SDEX. I immediately reported the bug directly to Jed by email and he confirmed it. It's all about rounding during trades. You see, I found that orders are always executed if the price matches market, even if the amount is as small as...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2018/03/03 5:43 a.m.20 views

Stellar.org: It's possible to put SDX orderbook into invalid state and execute trades at arbitrary price

stellar-core improperly handles creation of a buy offer which crosses existing sell offers immediate execution but can only be filled partially due to a trustline limit on the source account. This makes it possible to create a valid offer to buy any custom asset at higher price than existing sell...

0.5AI score
Exploits0
HackRead
HackRead
added 2018/01/16 8:27 p.m.23 views

BlackWallet hacked: Hackers replace DNS server, steal $400k in Stellar

By Waqas As the price of Bitcoin and other cryptocurrencies is surging, This is a post from HackRead.com Read the original post: BlackWallet hacked: Hackers replace DNS server, steal $400k in Stellar...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/06/18 6:25 p.m.15 views

stellar-database.com XSS vulnerability

Vulnerable URL: http://www.stellar-database.com/Scripts/searchstar.exe?Name=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 517452...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/08/15 3:15 p.m.17 views

stellar-legacy.net XSS vulnerability

Open Bug Bounty ID: OBB-79034 Description| Value ---|--- Affected Website:| stellar-legacy.net Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Stellar Docs 1.2 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8385/info Stellar Docs will disclose path information in an error page in response to a request for an invalid request for a web resource. This could disclose information that could be useful in further attacks against th...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/06/27 4:28 p.m.8 views

Stellar Wind Surveillance program under Obama administration

According to secret documents obtained by the Guardian, Obama administration permitted the National Security Agency to surveillance the Emails and Internet metadata of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind, was launched ...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/06/27 5:28 a.m.14 views

Stellar Wind Surveillance program under Obama administration

According to secret documents obtained by the Guardian, Obama administration permitted the National Security Agency to surveillance the Emails and Internet metadata of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind, was launched ...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2003/08/14 12:0 a.m.27 views

ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak

ZH2003-20SA security advisory: Stellar Docs Path Disclosure and Security Leak Published: 10 august 2003 Released: 10 august 2003 Name: Stellar Docs Affected Systems: v1.2 Issue: Remote attackers can know the path of the site and access the administrative section Author: [email protected] Vendor:...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2003/08/12 12:0 a.m.32 views

ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak

ZH2003-20SA security advisory: Stellar Docs Path Disclosure and Security Leak Published: 10 august 2003 Released: 10 august 2003 Name: Stellar Docs Affected Systems: v1.2 Issue: Remote attackers can know the path of the site and access the administrative section Author: G00db0y zone-h org Vendor:...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/08/11 12:0 a.m.15 views

Stellar Docs Malformed Query Path Disclosure

The remote host is running StellarDocs There is a flaw in this system which may allow an attacker to obtain the physical path of the remote installation of StellarDocs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid11817; scriptversion"1.21";...

5.4AI score
Exploits0References1
CVE
CVE
added 2003/04/02 5:0 a.m.50 views

CVE-2002-0916

This CVE (CVE-2002-0916) affects Squid 2.4.STABLE6 and earlier, in the Stellar-X msntauth authentication module. The issue is a format string vulnerability in the allowuser code that handles the user name, where untrusted input is used in a syslog call, enabling remote code execution. Documents c...

7.5CVSS7.9AI score0.02943EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.17 views

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

7.9AI score0.02943EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2003/04/02 5:0 a.m.33 views

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

7.5CVSS7.8AI score0.02943EPSS
Exploits0
NVD
NVD
added 2002/10/04 4:0 a.m.12 views

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

7.5CVSS7.9AI score0.02943EPSS
Exploits0References5
OSV
OSV
added 2002/10/04 4:0 a.m.6 views

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

8.2AI score
Exploits0References5
Rows per page
Query Builder