NATIVE TOKENS TRANSFERRED TO THE LlamaAccount CONTRACT CAN GET STUCK
Lines of code https://github.com/code-423n4/2023-06-llama/blob/main/src/accounts/LlamaAccount.sol#L147-L150 https://github.com/code-423n4/2023-06-llama/blob/main/src/LlamaExecutor.sol#L29-L36 https://github.com/code-423n4/2023-06-llama/blob/main/src/LlamaCore.sol#L333-L334 Vulnerability details...
AI Score 6.9
LlamaExecutor#execute is not payable
Lines of code Vulnerability details Impact Since the execute function in LlamaExecutor.sol is not payable and the contract has no way to receive ether, any action that requires sending ETH will fail. Proof of Concept Tools Used Manual review Recommended Mitigation Steps One of the....
AI Score 7.1
NATIVE TOKENS COULD GET STUCK INSIDE THE LlamaCore CONTRACT SINCE THERE IS NO WITHDRAWAL MECHANISM
Lines of code https://github.com/code-423n4/2023-06-llama/blob/main/src/LlamaCore.sol#L333-L334 https://github.com/code-423n4/2023-06-llama/blob/main/src/LlamaExecutor.sol#L29-L35 Vulnerability details Impact The LlamaCore contract has a single payable function LlamaCore.executeAction(). It is...
AI Score 7
Execution does not work if the action has a non-zero value
Lines of code https://github.com/code-423n4/2023-06-llama/blob/aac904d31639c1b4b4e97f1c76b9c0f40b8e5cee/src/LlamaCore.sol#L334 Vulnerability details Llama instances have a separate LlamaExecutor contract for action execution. When calling LlamaCore.executeAction(), the flow is the following (for...
AI Score 7.1
Success value and msg.value not checked in llamaExecutor.sol
Lines of code Vulnerability details Impact Success value not checked: the call can fail silently. msg.value can be lost. Proof of Concept The execute function does not check the success flag of the call. If execute is called with msg.value greater than value, the excess msg.value is stuck in...
AI Score 7.1
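The five Llama findings above describe one root cause from different angles: executeAction on LlamaCore is payable, but the executor it delegates to is not, the call's success flag is not checked, and any ETH that does not exactly match the action's value has no withdrawal path. The contracts below are an added illustration of that pattern, not the Llama code base: the contract names (VulnerableExecutor, HardenedExecutor, Core) and the simplified execute signature are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example for the LlamaExecutor/LlamaCore findings above; not the
// project's own code. Names and signatures are simplified for illustration.

contract VulnerableExecutor {
    address public immutable core;

    constructor() { core = msg.sender; }

    // Not payable and the contract cannot receive ETH: an action with a
    // non-zero `value` reverts here for lack of balance, while the ETH sent
    // to the payable caller stays in that caller with no way out.
    function execute(address target, uint256 value, bytes calldata data)
        external
        returns (bool success, bytes memory result)
    {
        require(msg.sender == core, "only core");
        (success, result) = target.call{value: value}(data);
        // `success` is returned but never enforced, so a failed action
        // does not revert the transaction.
    }
}

contract HardenedExecutor {
    address public immutable core;

    error ValueMismatch(uint256 sent, uint256 expected);
    error CallFailed(bytes reason);

    constructor() { core = msg.sender; }

    // Payable, with the ETH actually forwarded required to equal the action's
    // value: nothing is left behind in either contract, and a failing target
    // call bubbles its revert data instead of failing silently.
    function execute(address target, uint256 value, bytes calldata data)
        external
        payable
        returns (bytes memory result)
    {
        require(msg.sender == core, "only core");
        if (msg.value != value) revert ValueMismatch(msg.value, value);
        bool ok;
        (ok, result) = target.call{value: value}(data);
        if (!ok) revert CallFailed(result);
    }
}

// The payable entry point forwards exactly msg.value to the executor, so an
// over- or under-funded action is rejected by the executor's check rather
// than accumulating as unreachable balance here.
contract Core {
    HardenedExecutor public immutable executor;

    constructor() { executor = new HardenedExecutor(); }

    function executeAction(address target, uint256 value, bytes calldata data)
        external
        payable
        returns (bytes memory)
    {
        return executor.execute{value: msg.value}(target, value, data);
    }
}
```

When reviewing an executor of this shape, check three things together: that every hop on the ETH path is payable, that the forwarded amount is asserted against the action's declared value (so neither contract ends up holding stray ETH), and that the low-level call's boolean is enforced rather than merely returned.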
Unsafe delegatecall functionality can break core protocol functionality
Lines of code https://github.com/code-423n4/2023-06-llama/blob/main/src/LlamaCore.sol#L454-L458 https://github.com/code-423n4/2023-06-llama/blob/main/src/accounts/LlamaAccount.sol#L297-L331 Vulnerability details Impact There are multiple contracts which include delegatecall functionality,...
AI Score 7.4
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged...
CVSS 7.1 | AI Score 6.8 | EPSS 0.0004
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged...
CVSS 7.1 | AI Score 6.7 | EPSS 0.0004
Anyone can selfdestruct the VaultProxy contract
Lines of code https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/factory/VaultFactory.sol#L29 https://github.com/code-423n4/2023-06-stader/blob/7566b5a35f32ebd55d3578b8bd05c038feb7d9cc/contracts/factory/VaultFactory.sol#L42...
AI Score 6.9
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged...
AI Score 6.9 | EPSS 0.0004
Lines of code Vulnerability details Impact If the recipient address is not properly validated, an attacker could supply a malicious address as the recipient. This could result in the accumulated fees being sent to an unintended or unauthorized party. It could lead to financial loss or disruption...
AI Score 7
eva-photo.com Cross Site Scripting vulnerability OBB-3364793
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 6.1
Introducing: ‘Saved Filters’ in InsightCloudSec
Last year, when we launched Layered Context in InsightCloudSec, we knew we had something great on our hands. Not just because we provided a single view for cloud security practitioners to see their full cloud risk posture (though, if we do say so ourselves, that’s pretty sweet). No, we knew we had....
AI Score 6.7
Wrong blocksPerYear in WhitePaperInterestRateModel
Lines of code https://github.com/code-423n4/2023-05-venus/blob/main/contracts/BaseJumpRateModelV2.sol#L23 Vulnerability details Impact Venus is deployed on BNB Chain rather than Ethereum, and the two chains have different block times. WhitePaperInterestRateModel.sol is adapted from Compound, so...
AI Score 6.8
Lines of code Vulnerability details Impact * @dev Roughly equivalent to the number of blocks in 7 days. * @dev Roughly equivalent to the number of blocks in 90 days. * @dev Roughly equivalent to the number of blocks in 10 days. As described...
AI Score 7
m.static Directory Traversal vulnerability
All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile...
CVSS 7.5 | AI Score 5.5 | EPSS 0.001
Lines of code https://github.com/code-423n4/2023-04-eigenlayer/blob/5e4872358cd2bda1936c29f460ece2308af4def6/src/contracts/libraries/BeaconChainProofs.sol#L245-L295...
AI Score 6.7
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
CVSS 7.8 | AI Score 6.9 | EPSS 0.0004
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
CVSS 7.8 | AI Score 7.7 | EPSS 0.0004
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
CVSS 7.8 | AI Score 7.6 | EPSS 0.0004
CVE-2022-33281 Improper validation of array index in computer vision.
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
CVSS 6.7 | AI Score 7.9 | EPSS 0.0004
Missing important check in getOwnerAddress() function in DNSClaimChecker.sol
Lines of code Vulnerability details Impact The getOwnerAddress() function used in DNSClaimChecker.sol is missing an important check on the type and class of the records. getOwnerAddress() is also used by the _claim function in DNSRegistrar.sol to claim a name using the given proofs. Since there are.....
AI Score 6.9
SHA1Digest Contract Vulnerability
Lines of code Vulnerability details Impact The vulnerability is related to the use of the SHA1 hashing algorithm in the SHA1Digest contract. SHA1 is an outdated cryptographic hash function that has been deprecated by most security experts due to its weaknesses and susceptibility to collision...
AI Score 6.9
github.com/iofinnet/thresh, github.com/thorchain/thorchain-tss and github.com/bnb-chain/tss-lib are vulnerable to timing attacks. The vulnerability is a timing side channel: the libraries rely on the scalar-multiplication implementation in Go crypto/elliptic, which allows an...
CVSS 9.1 | AI Score 8.7 | EPSS 0.001
Lines of code https://github.com/code-423n4/2023-04-ens/blob/main/contracts/dnssec-oracle/algorithms/ModexpPrecompile.sol#L7 Vulnerability details Impact This vulnerability can cause unexpected behavior, or even a denial of service, in a contract that uses the RSAVerify library on...
AI Score 7
VetoProposal#voteToVeto can be called repeatedly by same voter and be used to lock party
Lines of code Vulnerability details Impact The party can be locked because no proposal can pass. Proof of Concept VetoProposal.sol#L37-L59: `uint96 votingPower = party.getVotingPowerAt(msg.sender, proposalValues.proposedTime - 1, snapIndex); uint96...`
AI Score 6.7
Voters can call VetoProposal.voteToVeto() as many times as they like.
Lines of code Vulnerability details Impact A single voter can veto a proposal by calling voteToVeto() repeatedly until passThresholdBps is reached. Proof of Concept A voter must not be able to vote more than once, otherwise the voting system is broken, but voteToVeto() does not check the...
AI Score 6.8
eva-thiel.de Cross Site Scripting vulnerability OBB-3256856
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 5.9
Lines of code Vulnerability details Impact The VetoProposal contract allows to veto proposals with the voteToVeto function. The proposal can only be vetoed when it is in the Voting state, otherwise the voteToVeto function reverts. The issue is that the Voting state is not the only state in which...
AI Score 6.7
Lines of code Vulnerability details Impact The VetoProposal contract allows to veto proposals with the voteToVeto function. When the amount of votes collected to veto a proposal exceeds a certain threshold (the passThresholdBps, which is determined upon initialization of the party), the proposal...
AI Score 7
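The four VetoProposal findings above share the same defect: voteToVeto() reads a voter's snapshot power and adds it to the veto tally without recording that the voter has already voted, so one account can call it until passThresholdBps is crossed. The contract below is an added example of the missing bookkeeping, not the Party Protocol code: the IVotingPower interface, the propose() helper and the in-contract snapshot of total voting power are assumptions made so the example is self-contained, and the page's other point (which proposal states should be vetoable) is reduced here to a single `vetoed` flag.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example for the voteToVeto findings above; not the Party Protocol
// code. IVotingPower and propose() are hypothetical stand-ins.
interface IVotingPower {
    function getVotingPowerAt(address voter, uint40 timestamp) external view returns (uint96);
}

contract VetoProposalHardened {
    struct Proposal {
        uint40 proposedTime;
        uint96 totalVotingPower; // snapshot taken when the proposal was made (constructed here)
        uint96 vetoVotes;
        bool vetoed;
    }

    IVotingPower public immutable party;
    uint16 public immutable passThresholdBps; // e.g. 5100 == 51%
    uint256 public proposalCount;
    mapping(uint256 => Proposal) public proposals;

    // The check the findings say is missing: a voter's power is counted
    // at most once per proposal.
    mapping(uint256 => mapping(address => bool)) public hasVetoed;

    event Vetoed(uint256 indexed proposalId);
    error AlreadyVoted(uint256 proposalId, address voter);
    error NotVetoable(uint256 proposalId);

    constructor(IVotingPower party_, uint16 passThresholdBps_) {
        require(passThresholdBps_ > 0 && passThresholdBps_ <= 10_000, "bad threshold");
        party = party_;
        passThresholdBps = passThresholdBps_;
    }

    // Hypothetical helper so the example runs stand-alone.
    function propose(uint96 totalVotingPower) external returns (uint256 id) {
        id = ++proposalCount;
        proposals[id] = Proposal(uint40(block.timestamp), totalVotingPower, 0, false);
    }

    function voteToVeto(uint256 proposalId) external {
        Proposal storage p = proposals[proposalId];
        if (p.proposedTime == 0 || p.vetoed) revert NotVetoable(proposalId);
        if (hasVetoed[proposalId][msg.sender]) revert AlreadyVoted(proposalId, msg.sender);
        // Mark before the external read so a reentrant call cannot be
        // counted a second time.
        hasVetoed[proposalId][msg.sender] = true;

        // Power is read at the block before the proposal, as on the page,
        // so buying or borrowing power after the fact does not count.
        uint96 power = party.getVotingPowerAt(msg.sender, p.proposedTime - 1);
        p.vetoVotes += power;

        // vetoVotes / totalVotingPower >= passThresholdBps / 10_000, without division
        if (uint256(p.vetoVotes) * 10_000 >= uint256(p.totalVotingPower) * passThresholdBps) {
            p.vetoed = true;
            emit Vetoed(proposalId);
        }
    }
}
```

The vulnerable shape is the same function with the `hasVetoed` mapping and its two lines removed; with a snapshot of, say, 1000 total power and a 51% threshold, a voter holding 100 would need six calls to veto alone. Setting the flag before the external call is deliberate: a voting-power source that hands control back to the caller must not be able to slip a second vote in.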
science-et-vie-junior.fr Cross Site Scripting vulnerability OBB-3234144
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 5.9
Lines of code https://github.com/code-423n4/2023-03-polynomial/blob/main/src/KangarooVault.sol#L183 https://github.com/code-423n4/2023-03-polynomial/blob/main/src/KangarooVault.sol#L243 https://github.com/code-423n4/2023-03-polynomial/blob/main/src/KangarooVault.sol#L215...
AI Score 6.9
DefaultAccount will add system call flag to any call with msg.value
Lines of code https://github.com/code-423n4/2023-03-zksync/blob/main/contracts/libraries/EfficientCall.sol#L134-L145 https://github.com/code-423n4/2023-03-zksync/blob/main/contracts/MsgValueSimulator.sol#L22-L29...
AI Score 6.8
Threat Source newsletter (March 9, 2023) — Stop freaking out about ChatGPT
Welcome to this week's edition of the Threat Source newsletter. There is no shortage of hyperbolic headlines about ChatGPT out there, everything from how it and other AI tools like it are here to replace all our jobs, make college essays a thing of the past and change the face of cybersecurity as.....
CVSS 7.8 | AI Score 7.8 | EPSS 0.969
International Women’s Day: The power of diversity to build stronger cybersecurity teams
Women’s History Month is a special time for me as I reflect on all the great innovations women have made over the years. Women have driven technology forward throughout history. Notable women in cybersecurity like cryptologists Agnes Meyer Driscoll and Genevieve Grotjan Feinstein worked behind the....
AI Score -0.6
Contract not initialized after deployment
Lines of code https://github.com/code-423n4/2023-02-ethos/blob/73687f32b934c9d697b97745356cdf8a1f264955/Ethos-Vault/contracts/ReaperStrategyGranarySupplyOnly.sol#L62...
AI Score 6.9
ReaperBaseStrategyv4 is not Initializable
Lines of code https://github.com/code-423n4/2023-02-ethos/blob/73687f32b934c9d697b97745356cdf8a1f264955/Ethos-Vault/contracts/ReaperStrategyGranarySupplyOnly.sol#L62...
AI Score 6.9
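The two Ethos findings above point at the same gap: a strategy contract that is deployed without being initialized, and without an initializer guard, leaves its initialize() call open to whoever sends it first. The code below is an added example of the two usual defences, a one-shot initializer guard and a factory that deploys and initializes in the same transaction; it is not the Ethos or Reaper code, and the Strategy and StrategyFactory contracts and their fields are assumptions made for illustration. The hand-rolled guard stands in for the Initializable pattern the second finding refers to.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example for the "not initialized" findings above; not the project's
// code. Strategy/StrategyFactory and their fields are hypothetical.

contract Strategy {
    address public vault;
    address public want;
    bool private _initialized;

    error AlreadyInitialized();
    error NotInitialized();
    error ZeroAddress();

    // One-shot guard: the first caller wins, every later call reverts.
    // Without it, initialize() is an open setter for the privileged roles.
    modifier initializer() {
        if (_initialized) revert AlreadyInitialized();
        _initialized = true;
        _;
    }

    // Privileged paths refuse to run until the contract has been set up,
    // so a forgotten initialize() fails loudly instead of operating with
    // zero addresses.
    modifier onlyInitialized() {
        if (!_initialized) revert NotInitialized();
        _;
    }

    function initialize(address vault_, address want_) external initializer {
        if (vault_ == address(0) || want_ == address(0)) revert ZeroAddress();
        vault = vault_;
        want = want_;
    }

    function initialized() external view returns (bool) {
        return _initialized;
    }

    function harvest() external view onlyInitialized returns (address) {
        // Placeholder for strategy logic; only the guard matters here.
        return want;
    }
}

contract StrategyFactory {
    event StrategyDeployed(address indexed strategy, address indexed vault, address indexed want);

    // Deploy and initialize atomically: there is no block in which the new
    // contract exists uninitialized for a third party to claim.
    function deploy(address vault_, address want_) external returns (Strategy s) {
        s = new Strategy();
        s.initialize(vault_, want_);
        emit StrategyDeployed(address(s), vault_, want_);
    }
}
```

For upgradeable proxies the same rule applies to the implementation: call the initializer in the deployment transaction (or disable initializers on the implementation itself) so the window the first finding describes never opens.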
la-vie-dor.com Cross Site Scripting vulnerability OBB-3180604
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score -0.1
Lines of code https://github.com/code-423n4/2023-01-drips/blob/9fd776b50f4be23ca038b1d0426e63a69c7a511d/src/AddressDriver.sol#L19 https://github.com/code-423n4/2023-01-drips/blob/9fd776b50f4be23ca038b1d0426e63a69c7a511d/src/NFTDriver.sol#L19...
AI Score 6.9
No support for non-18-decimal tokens
Lines of code https://github.com/code-423n4/2023-01-numoen/blob/2ad9a73d793ea23a25a381faadc86ae0c8cb5913/src/core/JumpRate.sol#L21 https://github.com/code-423n4/2023-01-numoen/blob/2ad9a73d793ea23a25a381faadc86ae0c8cb5913/src/core/JumpRate.sol#L37...
AI Score 6.8
Mitigation of M-06: Issue not mitigated
Lines of code Vulnerability details The sponsor disputes the issue but never follows up after the judge's comments, so the same issue remains in the new code.
AI Score 6.9
Mitigation of M-06: Issue not mitigated
Lines of code Vulnerability details Mitigation of M-06: Issue not mitigated
AI Score 7
Only one GroupBuy can ever use USDT or similar tokens with front-running approval protections
Lines of code Vulnerability details The issue described in code-423n4/2022-12-tessera-findings#37 was not mitigated and still applies as described there.
AI Score 6.9
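The GroupBuy finding above concerns tokens such as USDT whose approve() reverts when both the current allowance and the new allowance are non-zero, a guard against approval front-running. A contract that calls approve(spender, amount) once per GroupBuy succeeds the first time and reverts on every later attempt, which is why only one GroupBuy can ever use such a token. The code below is an added example, not the Tessera code base: UsdtLikeToken is a constructed stand-in for that approve behaviour, and GroupBuyDemo and the ForceApprove library are hypothetical names chosen for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example for the USDT approval finding above; not the project's code.
// UsdtLikeToken is a constructed stand-in for USDT's approve() rule.

interface IERC20Like {
    function approve(address spender, uint256 amount) external returns (bool);
    function allowance(address owner, address spender) external view returns (uint256);
}

// Reproduces only the relevant behaviour: approve() reverts unless the
// current allowance or the new allowance is zero.
contract UsdtLikeToken is IERC20Like {
    mapping(address => mapping(address => uint256)) private _allowance;

    function approve(address spender, uint256 amount) external returns (bool) {
        require(
            amount == 0 || _allowance[msg.sender][spender] == 0,
            "approve: reset allowance to 0 first"
        );
        _allowance[msg.sender][spender] = amount;
        return true;
    }

    function allowance(address owner, address spender) external view returns (uint256) {
        return _allowance[owner][spender];
    }
}

// Reset-then-set approval that works on standard tokens and on USDT-like ones.
library ForceApprove {
    function forceApprove(IERC20Like token, address spender, uint256 amount) internal {
        if (token.allowance(address(this), spender) != 0) {
            require(token.approve(spender, 0), "approve(0) failed");
        }
        require(token.approve(spender, amount), "approve failed");
    }
}

contract GroupBuyDemo {
    using ForceApprove for IERC20Like;

    IERC20Like public immutable token;

    constructor(IERC20Like token_) { token = token_; }

    // Vulnerable pattern: the second GroupBuy that approves a non-zero amount
    // to the same spender reverts on a USDT-like token.
    function approveOnce(address spender, uint256 amount) external {
        require(token.approve(spender, amount), "approve failed");
    }

    // Hardened pattern: any number of GroupBuys can set a fresh allowance.
    function approveAgain(address spender, uint256 amount) external {
        token.forceApprove(spender, amount);
    }
}
```

Deploy UsdtLikeToken and GroupBuyDemo, call approveOnce(spender, 1) twice and the second call reverts; approveAgain(spender, 1) succeeds any number of times. OpenZeppelin's SafeERC20 ships the same reset-then-set logic as forceApprove, which is the usual production choice rather than a hand-written library.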
eva-va.nl Cross Site Scripting vulnerability OBB-3132201
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score -0.1
Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system...
CVSS 7.8 | AI Score 7.5 | EPSS 0.0004
Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain...
CVSS 5.5 | AI Score 5.4 | EPSS 0.0004
Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service...
CVSS 7.5 | AI Score 7.5 | EPSS 0.001