CVE-2024-34694

HIGH Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-754
View all →

Vulnerability Description

LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6.

Related Vulnerabilities

CVE-2023-32726

HIGH
CVSS:8.1(High)

The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.

CWE-7542023

CVE-2025-43715

HIGH
CVSS:8.1(High)

Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %W...

CWE-7542025

CVE-2020-7800

HIGH
CVSS:8.2(High)

The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability. The affected produc...

CWE-7542020

CVE-2022-26079

HIGH
CVSS:8.2(High)

Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.

CWE-7542022

CVE-2022-29278

HIGH
CVSS:8.2(High)

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS mem...

CWE-7542022

CVE-2022-43393

HIGH
CVSS:8.2(High)

An improper check for unusual or exceptional conditions in the HTTP request processing function of Zyxel GS1920-24v2 firmware prior to V4.70(ABMH.8)C0, which could allow an unauthenticated attacker to...

CWE-7542022