Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/06 7:54 a.m.5 views

CVE-2026-2330 CVE-2026-2330

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without authentication. An unauthenticated attacker could...

9.4CVSS5.8AI score0.00665EPSS
Exploits0References6
Code423n4
Code423n4
added 2021/06/16 12:0 a.m.10 views

Deposit whitelist enforced on msg.sender instead of user

Handle 0xRajeev Vulnerability details Impact The Treasury deposit function credits amount to the user address in parameter instead of the msgSender that is actually making the deposit whose rationale as explained in the Natspec comment is that this may be called via contract or L1-L2 bot. However...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/03/12 12:0 a.m.12 views

PT-2021-5145 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.16 Description: The issue is related to the XStream Java library, which is used for serializing objects to XML and back again. It may allow a remote attacker to load and execute arbitrary code from a remote host ...

10CVSS7.1AI score0.98124EPSS
Exploits59References613
Cvelist
Cvelist
added 2011/06/30 4:0 p.m.25 views

CVE-2011-2370

Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a 1 add-on or 2 theme via unspecified vectors...

9.3AI score0.00975EPSS
Exploits1References4
Rows per page
Query Builder