Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2023/06/30 10:13 p.m.9 views

GHSA-W5W5-2882-47PC github.com/cosmos/cosmos-sdk's x/crisis does not charge ConstantFee

x/crisis does not charge ConstantFee Impact If a transaction is sent to the x/crisis module to check an invariant, the ConstantFee parameter of the chain is NOT charged. All versions of the x/crisis module are affected on all versions of the Cosmos SDK. Details The x/crisis module is supposed to...

7AI score
Exploits0References3
Veracode
Veracodeadded 2022/09/12 4:30 p.m.20 views

Denial Of Service (DOS)

Indynode is vulnerable to Denial of Service DOS. An attacker can max out the connections to the ledger, resulting in Denial of Service. This vulnerability exploits the trade-off between resilience and availability, where any attacker firewall mitigation will restrict legitimate users. It is...

7.5CVSS7.2AI score0.00594EPSS
Exploits0References2Affected Software1
Hacker One
Hacker Oneadded 2022/09/08 4:37 p.m.55 views

Hyperledger: DOS validator nodes of blockchain to block external connections

Attack was documented in the in the github repo: https://github.com/hyperledger/indy-node/security/advisories/GHSA-x996-7qh9-7ff7 Attack: The attacker sends 500 read requests to each node and opens a new one when holding 500 parallel connections. Every user is able to send read requests since it'...

5CVSS7.3AI score0.00594EPSS
Exploits0
Code423n4
Code423n4added 2022/08/03 12:0 a.m.6 views

Malicious operators within epoch can not be manually invalidated

Lines of code Vulnerability details Impact Messages are verified and validated by a set of operators. Operators their weights and threshold are defined per epoch and stored as a hash. Transferring operatorship which means creating a new set of valid operators creates a new epoch. Operator sets th...

6.8AI score
Exploits0
ThreatPost
ThreatPostadded 2022/07/11 8:6 p.m.27 views

Popular NFT Marketplace Phished for $540M

Axie Infinity, a popular destination for 3 million traders of in-game collectible non-fungible tokens, reportedly lost $540M in cryptocurrency in a recruiting-themed spear phishing attack. The perpetrators of the crime are believed to be an advanced persistent threat group with ties to North...

7.3AI score
Exploits0References5
Malwarebytes
Malwarebytesadded 2022/07/08 4:7 p.m.15 views

Fake job offer leads to $600 million theft

Back in March, popular NFT battler Axie Infinity lay at the heart of a huge cryptocurrency theft inflicted on the Ronin network. From the Ronin newsletter: There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and...

7.4AI score
Exploits0
Rows per page
Query Builder