101 matches found
CVE-2019-16992
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...
CVE-2019-16992
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...
How to Recover Lost or Deleted Files?
Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any back...
How to Recover Lost or Deleted Files?
Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any back...
Stellar.org: Exploitable vulnerability in SDEX
Hi, Last Thursday I discovered the exploitable vulnerability in SDEX. I immediately reported the bug directly to Jed by email and he confirmed it. It's all about rounding during trades. You see, I found that orders are always executed if the price matches market, even if the amount is as small as...
Stellar.org: It's possible to put SDX orderbook into invalid state and execute trades at arbitrary price
stellar-core improperly handles creation of a buy offer which crosses existing sell offers immediate execution but can only be filled partially due to a trustline limit on the source account. This makes it possible to create a valid offer to buy any custom asset at higher price than existing sell...
BlackWallet hacked: Hackers replace DNS server, steal $400k in Stellar
By Waqas As the price of Bitcoin and other cryptocurrencies is surging, This is a post from HackRead.com Read the original post: BlackWallet hacked: Hackers replace DNS server, steal $400k in Stellar...
stellar-database.com XSS vulnerability
Vulnerable URL: http://www.stellar-database.com/Scripts/searchstar.exe?Name=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 517452...
stellar-legacy.net XSS vulnerability
Open Bug Bounty ID: OBB-79034 Description| Value ---|--- Affected Website:| stellar-legacy.net Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Stellar Docs 1.2 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8385/info Stellar Docs will disclose path information in an error page in response to a request for an invalid request for a web resource. This could disclose information that could be useful in further attacks against th...
Stellar Wind Surveillance program under Obama administration
According to secret documents obtained by the Guardian, Obama administration permitted the National Security Agency to surveillance the Emails and Internet metadata of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind, was launched ...
Stellar Wind Surveillance program under Obama administration
According to secret documents obtained by the Guardian, Obama administration permitted the National Security Agency to surveillance the Emails and Internet metadata of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind, was launched ...
ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak
ZH2003-20SA security advisory: Stellar Docs Path Disclosure and Security Leak Published: 10 august 2003 Released: 10 august 2003 Name: Stellar Docs Affected Systems: v1.2 Issue: Remote attackers can know the path of the site and access the administrative section Author: [email protected] Vendor:...
ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak
ZH2003-20SA security advisory: Stellar Docs Path Disclosure and Security Leak Published: 10 august 2003 Released: 10 august 2003 Name: Stellar Docs Affected Systems: v1.2 Issue: Remote attackers can know the path of the site and access the administrative section Author: G00db0y zone-h org Vendor:...
Stellar Docs Malformed Query Path Disclosure
The remote host is running StellarDocs There is a flaw in this system which may allow an attacker to obtain the physical path of the remote installation of StellarDocs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid11817; scriptversion"1.21";...
CVE-2002-0916
This CVE (CVE-2002-0916) affects Squid 2.4.STABLE6 and earlier, in the Stellar-X msntauth authentication module. The issue is a format string vulnerability in the allowuser code that handles the user name, where untrusted input is used in a syslog call, enabling remote code execution. Documents c...
CVE-2002-0916
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...
CVE-2002-0916
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...
CVE-2002-0916
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...
CVE-2002-0916
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...