1738 matches found
Security Bulletin: Vulnerability in Hibernate Validator affects IBM watsonx.data
Summary Hibernate Validator allows a remote attacker to bypass security restrictions, such as escaping or stripping, that may be in place when handling user-controlled data in error messages in IBM watsonx.data. Vulnerability Details CVEID:CVE-2021-23463 DESCRIPTION: h2database com.h2database:h2...
GO-2024-3112 CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft
CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft...
Unspecified vulnerability in Linux kernel (CNVD-2024-39479)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a kernel validator crash in the bpf component. No details of the vulnerability are provided at this time...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a kernel validator crash in the bpf component. No details of the vulnerability are provided at this time...
CVE-2024-45294
A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host...
Interchain Security: The signers of ICS messages do not need to match the provider address
Context ICS has the following four messages that enable validators on the provider chain to perform different actions: - MsgOptIn -- adds a validator to the consumer chain’s active set - MsgOptOut -- removes a validator from the consumer chain’s active set - MsgAssignConsumerKey -- changes the...
Malicious code in bitcoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bb543ed42a9c4e7386578dde42e2f9f8c6274c88b87358bff00e48a6fa2ea87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in litecoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2f4c4e8a02044ac141a2794e470da413b18acaaa68ae8f39b8276e2b74a95b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dogecoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59974cca416c68c21415c245925a5bbe5e4d1b8896bf3b41958d974bf12edb76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8744 Malicious code in bitcoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bb543ed42a9c4e7386578dde42e2f9f8c6274c88b87358bff00e48a6fa2ea87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8782 Malicious code in litecoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2f4c4e8a02044ac141a2794e470da413b18acaaa68ae8f39b8276e2b74a95b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8758 Malicious code in dogecoin-address-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59974cca416c68c21415c245925a5bbe5e4d1b8896bf3b41958d974bf12edb76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-10103
Name of the Vulnerable Software and Affected Versions rsync affected versions not specified Description The issue is related to an uncontrolled resource consumption in the rsync repository validator FORT. It can be exploited by a remote attacker to elevate their privileges. A malicious RPKI rsync...
FORT Validator 安全漏洞
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3, which stems from unavailable route origin validation...
FORT Validator 安全漏洞
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3 that stems from accessing elements of a collection without first cleaning them...
FORT Validator 安全漏洞
FORT Validator is an RPKI dependency and RTR server from NICMx Open Source. A security vulnerability exists in FORT Validator versions prior to 1.6.3, which stems from not properly cleaning up string lengths, resulting in a buffer overflow...
FORT Validator 安全漏洞
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3, which stems from dereferencing a pointer without first cleaning it up...
FORT Validator 安全漏洞
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3 that stems from dereferencing pointers...
FORT Validator 安全漏洞
FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3, which stems from dereferencing a pointer without first cleaning it up...
Missing Cryptographic Equivocation
github.com/cosmos/gaia is vulnerable to Missing Cryptographic Equivocation. The vulnerability is caused due to an issue in the Interchain Security ICS module that could result in the slashing of a validator for an "old" equivocation...