+- Dark C0d3rs (https://darkcoders.wiki)
+-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log)
+--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports)
+--- Thread: HackerOne Disclosed Reports - 2025-05-14 (/Thread-HackerOne-Disclosed-Reports-2025-05-14)
HackerOne disclosed reports - 2025-05-14 - hashXploiter - 05-15-2025
resolved
[Xenoblade Chronicles X: Definitive Edition] Unrestricted RPCs allow DoS and writing arbitrary flags remotely
Bug reported by Rocco was disclosed at May 15, 2025, 12:11 am | Resource Injection
The Xenoblade Chronicles X: Definitive Edition vulnerability allowed attackers to perform Denial-of-Service (DoS) attacks and write arbitrary flags remotely due to unrestricted Remote Procedure Calls (RPCs).
resolved
[Xenoblade Chronicles X: Definitive Edition] Improper validation of names allows injecting formatting tags and bypassing profanity filter
Bug reported by Rocco was disclosed at May 15, 2025, 12:11 am |
The vulnerability in Xenoblade Chronicles X: Definitive Edition allowed improper validation of names, enabling the injection of formatting tags and bypassing the profanity filter.
resolved
Improper error handling in async cryptographic operations crashes process
Bug reported by Tobias Nießen was disclosed at May 14, 2025, 10:30 pm | Cryptographic Issues - Generic
The C++ method SignTraits:
eriveBits() incorrectly called ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process.