1288H V5; 2288H V5 Security Vulnerabilities

After a swap, user can lose input token amount while receiving no output token amount when output token becomes non-existent

Lines of code https://github.com/code-423n4/2022-09-quickswap/blob/main/src/core/contracts/AlgebraPool.sol#L589-L623 Vulnerability details Impact When calling the swap function below, the following safeTransfer function is further called for transferring the corresponding value of token from the...

Buffer Overflow

squid is vulnerable to buffer overflow. The vulnerability exists due to a lack of sanitization of the input in SSPI and SMB Authentication allowing an attacker to corrupt the...

Information Disclosure

squid is vulnerable to information disclosure. The vulnerability exits due to inconsistent handling of internal URIs, which allows an attacker to gain access to cache manager information in the file system via bypassing the manager ACL...

CVE-2022-35248

A improper authentication vulnerability exists in...

CVE-2022-35251

A cross-site scripting vulnerability exists in...

CVE-2022-35250

A privilege escalation vulnerability exists in...

CVE-2022-35249

A information disclosure vulnerability exists in...

CVE-2022-35247

A information disclosure vulnerability exists in...

CVE-2022-35246

A NoSQL-Injection information disclosure vulnerability vulnerability exists in...

CVE-2022-32226

An improper access control vulnerability exists in...

CVE-2022-32229

A information disclosure vulnerability exists in...

CVE-2022-32228

An information disclosure vulnerability exists in...

CVE-2022-32227

A cleartext transmission of sensitive information exists in...

CVE-2022-32218

An information disclosure vulnerability exists in...

CVE-2022-32220

An information disclosure vulnerability exists in...

Privilege escalation

A privilege escalation vulnerability exists in...

CVE-2022-35246

A NoSQL-Injection information disclosure vulnerability vulnerability exists in...

CVE-2022-35251

A cross-site scripting vulnerability exists in...

Information disclosure

A information disclosure vulnerability exists in...

Information disclosure

An information disclosure vulnerability exists in...

Authentication flaw

A improper authentication vulnerability exists in...

CVE-2022-32218

An information disclosure vulnerability exists in...

CVE-2022-32220

An information disclosure vulnerability exists in...

Information disclosure

A information disclosure vulnerability exists in...

CVE-2022-32227

A cleartext transmission of sensitive information exists in...

CVE-2022-32226

An improper access control vulnerability exists in...

Information disclosure

A information disclosure vulnerability exists in...

CVE-2022-35249

A information disclosure vulnerability exists in...

CVE-2022-35248

A improper authentication vulnerability exists in...

CVE-2022-35250

A privilege escalation vulnerability exists in...

CVE-2022-32229

A information disclosure vulnerability exists in...

Information disclosure

A NoSQL-Injection information disclosure vulnerability vulnerability exists in...

Improper access control

An improper access control vulnerability exists in...

Information disclosure

An information disclosure vulnerability exists in...

Design/Logic Flaw

A cleartext transmission of sensitive information exists in...

Cross site scripting

A cross-site scripting vulnerability exists in...

Information disclosure

An information disclosure vulnerability exists in...

CVE-2022-32228

An information disclosure vulnerability exists in...

CVE-2022-35247

A information disclosure vulnerability exists in...

CVE-2022-32220

An information disclosure vulnerability exists in...

CVE-2022-32229

A information disclosure vulnerability exists in...

CVE-2022-32228

An information disclosure vulnerability exists in...

CVE-2022-32218

An information disclosure vulnerability exists in...

CVE-2022-32227

A cleartext transmission of sensitive information exists in...

CVE-2022-32226

An improper access control vulnerability exists in...

CVE-2022-35247

A information disclosure vulnerability exists in...

CVE-2022-35251

A cross-site scripting vulnerability exists in...

CVE-2022-35246

A NoSQL-Injection information disclosure vulnerability vulnerability exists in...

CVE-2022-35248

A improper authentication vulnerability exists in...

CVE-2022-35250

A privilege escalation vulnerability exists in...