Writeup Exploits

62,915 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-39389 WRITEUP HIGH
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
CVE-2022-39389 WRITEUP HIGH
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
CVE-2022-39389 WRITEUP HIGH
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
CVE-2022-39389 WRITEUP HIGH
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
CVE-2021-41593 WRITEUP HIGH
Lightning Labs lnd < 0.13.3-beta - Loss of Funds via Dust HTLC Exposure
Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.
CVSS 8.6
CVE-2019-12999 WRITEUP HIGH
Lightning Network Daemon <0.7 - Privilege Escalation
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.
CVSS 7.5
CVE-2019-12999 WRITEUP HIGH
Lightning Network Daemon <0.7 - Privilege Escalation
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.
CVSS 7.5
CVE-2021-41591 WRITEUP CRITICAL
acinq eclair < 0.6.3 - Denial of Service via Dust HTLC Exposure
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.
CVSS 9.4
CVE-2019-13000 WRITEUP HIGH
Eclair < 0.3 - Incorrect Access Control
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
CVSS 7.5
CVE-2019-13000 WRITEUP HIGH
Eclair < 0.3 - Incorrect Access Control
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
CVSS 7.5
CVE-2019-13024 WRITEUP HIGH
Centreon 18.x < 18.10.6, 19.x < 19.04.3 - Authenticated Remote Code Execution via Monitoring Engine Binary Configuration
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
CVSS 8.8
CVE-2019-13027 WRITEUP CRITICAL
Concerto Critical Chain Planner 5.10.8071 SQLi via taskupdt/taskdetails.aspx
Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter.
CVSS 9.8
CVE-2019-13029 WRITEUP MEDIUM
REDCap 8.0-8.10.2 - Stored Cross-Site Scripting in Admin Panel and Survey System
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
CVSS 4.8
CVE-2019-13051 WRITEUP HIGH
Pi-hole 4.3 - OS Command Injection
Pi-Hole 4.3 allows Command Injection.
CVSS 8.8
CVE-2019-13101 WRITEUP CRITICAL
D-Link DIR-600M Firmware 3.02-3.06 - Unauthenticated Information Disclosure and Data Modification via wan.htm
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
CVSS 9.8
CVE-2019-13103 WRITEUP HIGH
denx/u-boot < 2019.04 - Denial of Service via Crafted DOS Partition Table
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
CVSS 7.1
CVE-2019-13104 WRITEUP HIGH
Das U-Boot 2016.11-rc1-2019.07-rc4 - Integer Underflow via Crafted ext4 Filesystem
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
CVSS 7.8
CVE-2019-13105 WRITEUP HIGH
Das U-Boot 2019.07-rc1-2019.07-rc4 - Use-After-Free in ext4 Filesystem Listing
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.
CVSS 7.8
CVE-2019-13106 WRITEUP HIGH
Das U-Boot 2016.09-2019.07-rc4 - Stack Buffer Overflow via ext4 Filesystem Handling
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
CVSS 7.8
CVE-2019-13217 WRITEUP HIGH
stb_vorbis < 2019-03-04 - Heap Buffer Overflow in start_decoder
A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
CVSS 7.8
CVE-2019-13218 WRITEUP MEDIUM
stb_vorbis < 2019-03-04 - Denial of Service via Crafted Ogg Vorbis File
Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVSS 5.5
CVE-2019-13219 WRITEUP MEDIUM
stb_vorbis < 2019-03-04 - Denial of Service via Crafted Ogg Vorbis File
A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVSS 5.5
CVE-2019-13220 WRITEUP HIGH
stb_vorbis < 2019-03-04 - Use of Uninitialized Resource in start_decoder
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
CVSS 7.1
CVE-2019-13221 WRITEUP HIGH
stb_vorbis < 2019-03-04 - Stack Buffer Overflow in compute_codewords Function
A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
CVSS 7.8
CVE-2019-13222 WRITEUP HIGH
stb_vorbis < 2019-03-04 - Out-of-bounds Read in draw_line Function
An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
CVSS 7.1