Huge over-calculation of user rewards
Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1331-L1332 https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1342-L1343...
6.8AI Score
Ability to receive LP rewards without having any LP staked
Lines of code Vulnerability details Impact The impact of this is high as a user is able to first stake LP tokens, then craftily withdraw them in specific increments without any change to their staking rewards. The user is able to get to a state in which they have 0 LP tokens staked, but have >0 ...
6.8AI Score
Zero truncation could lead to unexpected results
Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/main/contracts/staking/NeoTokyoStaker.sol#L1155 https://github.com/code-423n4/2023-03-neotokyo/blob/main/contracts/staking/NeoTokyoStaker.sol#L1623 Vulnerability details Impact Precision issue leading to zero truncation due to...
6.7AI Score
Unclaimed rewards will be stuck unrecoverable
Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1409 https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1264...
6.7AI Score
Updating a pool's total points doesn't affect existing stake positions for rewards calculation
Lines of code Vulnerability details Impact Staking rewards are calculated based on the user's share of the total points in the corresponding asset pool: the sum of the points associated with the staker's positions divided by the total points of all positions in the pool. We can see this...
6.7AI Score
Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate interests. In some cases, the objective of that money is obvious. Google pours millions into lobbying on bills related to antitrust regulation. Big energy companies expect action whenever there...
0.2AI Score
The Prolificacy of LockBit Ransomware
Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian threat actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022. LockBit ransomware was first discovered in September...
0.5AI Score
Upgraded Q -> 2 from #29 [1678626286403]
Judge has assessed an item in Issue #29 as 2 risk. The relevant finding follows: Maximum fixed reward is $6553.5 - too small in case of selectionSize = 16 The text was updated successfully, but these errors were encountered: All...
6.9AI Score
Risk of flashloan attacks in the Staking contract
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/main/src/staking/Staking.sol#L79-L89 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/staking/Staking.sol#L103-L106 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/staking/Staking.sol#L91-L101 Vulnerability...
6.8AI Score
Rewards for the Staking.sol contract may be stolen via the first staker
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/main/src/staking/Staking.sol#L122 Vulnerability details Impact The return amount of the function rewardPerToken() may be inflated for the first staker in the Staking.sol contract. Proof of Concept The Staking.sol contract is designed for the...
6.7AI Score
Lines of code Vulnerability details Impact Fixed rewards may change when packed. Proof of Concept In LotterySetup.packFixedRewards function packFixedRewards(uint256[] memory rewards) private view returns (uint256 packed) { if (rewards.length != (selectionSize) || rewards[0] != 0) { ...
6.7AI Score
Ticket: Owner of winning ticket can frontrun secondary sales
Lines of code Vulnerability details The Wenwin docs note that tickets "can be traded on the secondary market before or after the draw," since they are standard ERC721 tokens. After a ticket draw, the owner of a winning ticket may call Lottery#claimWinningTickets, which transfers lottery winnings...
6.7AI Score
Wrong calculation in calculateNewProfit
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L240 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L209 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L212 Vulnerability details Impact There is a wrong...
6.9AI Score
Reentrancy in staking function exit
Lines of code Vulnerability details Impact When a user calls exit, the updateReward function is called twice. Proof of Concept The first entry is in function withdraw() via _burn() https://github.com/code-423n4/2023-03-wenwin/blob/91b89482aaedf8b8feb73c771d11c257eed997e8/src/staking/Staking.sol#L85 Calling...
6.9AI Score
Loss of reward for stakingRewardRecipient
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L249-L257 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/LotteryMath.sol#L119-L130 Vulnerability details Impact Anyone can call claimRewards function with rewardType = LotteryRewardType.STAKING, in...
6.7AI Score
Wrong reward calculation if the reward token doesn't have 18 decimals
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/91b89482aaedf8b8feb73c771d11c257eed997e8/src/LotterySetup.sol#L120 Vulnerability details Impact If the rewardToken has less than 16 decimals, users will not be able to claim the correct value of their prize. Try not to think it will...
6.6AI Score
Division before multiplication leads to truncation
Lines of code Vulnerability details Impact The calculation could result in truncation. Proof of Concept Staking.sol#L60-L64: function earned(address account) public view override returns (uint256 _earned) { return balanceOf(account) * (rewardPerToken() - userRewardPerTokenPaid[account]) / 1e18 +...
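The rounding loss behind the two findings above (the inflated or lossy rewardPerToken and the divide-then-multiply earned formula) is easiest to see with plain integers. The model below is an added illustration, not Wenwin's Staking.sol: it assumes the Synthetix-style two-step formula the listing quotes (a per-token index scaled by 1e18 is computed first, dividing by totalSupply; each account then multiplies its balance by the index delta and divides by 1e18 again) and compares it with multiplying first and dividing once. Function names and the sample balances are hypothetical.

```python
"""Integer model of a Synthetix-style reward accumulator (added example).

All values are integers in token base units, like uint256 in Solidity;
`//` is floor division, which is where the truncation happens.
"""
WAD = 10**18  # 1e18 scaling factor used by the per-token index


def reward_per_token_delta(reward: int, total_supply: int) -> int:
    """Growth of the reward-per-token index when `reward` base units are
    spread over `total_supply` staked base units.  The division by
    total_supply happens here, BEFORE any balance is multiplied in."""
    if total_supply == 0:
        return 0
    return reward * WAD // total_supply


def earned_via_index(balance: int, index_delta: int) -> int:
    """Per-account payout as the quoted earned() computes it:
    balance * (rewardPerToken - userRewardPerTokenPaid) / 1e18."""
    return balance * index_delta // WAD


def earned_direct(balance: int, reward: int, total_supply: int) -> int:
    """Multiply first, divide once: the smallest possible rounding loss."""
    return balance * reward // total_supply


def distribute(reward: int, balances: dict) -> tuple:
    """Pay `reward` to every staker both ways and report the dust
    (reward that nobody can claim) each method leaves behind."""
    total = sum(balances.values())
    delta = reward_per_token_delta(reward, total)
    paid = {a: earned_via_index(b, delta) for a, b in balances.items()}
    exact = {a: earned_direct(b, reward, total) for a, b in balances.items()}
    dust_index = reward - sum(paid.values())
    dust_direct = reward - sum(exact.values())
    return paid, exact, dust_index, dust_direct


if __name__ == "__main__":
    # Constructed sample: 1e6 base units of reward (e.g. 1 USDC) shared by
    # 3e24 staked base units (3 million 18-decimal tokens).  Because
    # reward * 1e18 < total_supply, the index delta rounds to 0 and the
    # index-based path pays nobody; the direct path loses 1 base unit.
    print(distribute(10**6, {"alice": 10**24, "bob": 2 * 10**24}))
```

The practical check is `reward * 1e18 >= totalSupply` at every index update; when it fails, the whole reward for that interval is truncated away and stays in the contract rather than reaching stakers.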
6.8AI Score
Minimum referral requirement is incorrectly computed
Lines of code Vulnerability details As per the docs: Referrer rewards are allocated on a per draw basis Referrers who meet the minimum referral requirement according to the following table will be eligible for the Individual Referrer Allocation The minimum referral requirement for a draw N + 1...
6.8AI Score
Calculation in calculateNewProfit function is broken when jackpot is not won
Lines of code Vulnerability details The function calculateNewProfit present in the LotteryMath library is used when finalizing the current draw in the Lottery to track and update the currentNetProfit variable in the contract....
6.7AI Score
Fixed rewards in DAI (or similar token) can potentially overflow when being packed
Lines of code Vulnerability details When the lottery is initialized, fixed rewards are tightly packed in a 256 bit word. This is implemented in the packFixedRewards function: https://github.com/code-423n4/2023-03-wenwin/blob/main/src/LotterySetup.sol#L164-L176 function packFixedRewards(uint256[]...
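The three packing findings above (the $6553.5 ceiling, fixed rewards changing when packed, and overflow with an 18-decimal token such as DAI) all come from the same layout: one 16-bit slot per win tier inside a single 256-bit word, holding the reward in units of 0.1 token. The model below is an added example, not the Wenwin project's packFixedRewards; it assumes a divisor of 10**(decimals-1), and the names pack_fixed_rewards_unchecked, pack_fixed_rewards_checked and unpack_fixed_reward are hypothetical. It shows how a narrowing uint16 cast silently changes a reward that does not fit, and the check that rejects such setups instead.

```python
"""Model of packing per-tier fixed rewards into one 256-bit word (added example)."""
MASK16 = 0xFFFF
MASK256 = (1 << 256) - 1


class InvalidFixedRewardSetup(ValueError):
    """Raised when a fixed-reward array cannot be packed losslessly."""


def unit(decimals: int) -> int:
    """One packed unit is 0.1 token, i.e. 10**(decimals-1) base units (assumption)."""
    return 10 ** (decimals - 1)


def _validate_shape(rewards, selection_size):
    # Tier 0 (no matches) must pay nothing; one slot per possible win tier.
    if len(rewards) != selection_size or rewards[0] != 0:
        raise InvalidFixedRewardSetup("length must equal selectionSize and tier 0 must be 0")
    # 16 slots * 16 bits = 256 bits; a larger selection would shift past the word.
    if selection_size > 16:
        raise InvalidFixedRewardSetup("more than 16 tiers do not fit in 256 bits")


def pack_fixed_rewards_unchecked(rewards, selection_size, decimals) -> int:
    """Mimics a Solidity uint16(x) narrowing cast: keeps only the low 16 bits,
    so any reward above 6553.5 tokens is silently replaced by a smaller one."""
    _validate_shape(rewards, selection_size)
    packed = 0
    for tier in range(1, selection_size):
        reward = (rewards[tier] // unit(decimals)) & MASK16  # uint16 cast
        packed |= reward << (tier * 16)
    return packed & MASK256


def pack_fixed_rewards_checked(rewards, selection_size, decimals) -> int:
    """Same layout, but rejects any reward that would not round-trip:
    fractional 0.1-token remainders and values above the 16-bit range."""
    _validate_shape(rewards, selection_size)
    packed = 0
    for tier in range(1, selection_size):
        quotient, remainder = divmod(rewards[tier], unit(decimals))
        if remainder != 0 or quotient > MASK16:
            raise InvalidFixedRewardSetup(f"tier {tier}: {rewards[tier]} cannot be packed")
        packed |= quotient << (tier * 16)
    return packed


def unpack_fixed_reward(packed: int, tier: int, decimals: int) -> int:
    """Read one tier back, in token base units."""
    return ((packed >> (tier * 16)) & MASK16) * unit(decimals)


def max_fixed_reward(decimals: int) -> int:
    """Largest representable fixed reward: 65535 units of 0.1 token = 6553.5 tokens,
    in base units, whatever the token's decimals."""
    return MASK16 * unit(decimals)


if __name__ == "__main__":
    DAI = 18
    # Constructed sample: tiers pay 0, 0.5, 1 and 7000 DAI.
    rewards = [0, 5 * 10**17, 10**18, 7000 * 10**18]
    packed = pack_fixed_rewards_unchecked(rewards, 4, DAI)
    for tier in range(4):
        print(tier, unpack_fixed_reward(packed, tier, DAI))  # tier 3 reads 446.4 DAI
```

For the 7000 DAI tier the unchecked path stores 70000 & 0xFFFF = 4464, so the contract would later pay 446.4 DAI for a tier configured at 7000; the checked path refuses the setup at initialization, which is the only place such a mistake is cheap to catch.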
7.1AI Score
Lines of code https://github.com/code-423n4/2023-03-wenwin/blob/main/src/LotterySetup.sol#L80 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/LotterySetup.sol#L161 https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L151 Vulnerability details Impact Lottery insolvency...
6.6AI Score
The state of stalkerware in 2022
The state of stalkerware in 2022 (PDF) Main findings of 2022 The State of Stalkerware is an annual report by Kaspersky which contributes to a better understanding of how many people in the world are affected by digital stalking. Stalkerware is commercially available software that can be...
6.4AI Score
Exploit for Code Injection in VMware Spring Cloud Function
CVE-2022-22963 (Spring Cloud Function SpEL RCE) spring...
9.8CVSS
9.8AI Score
0.975EPSS
No prevention of duplicates
Lines of code https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/StabilityPool.sol#L626-L635 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/LQTY/LQTYStaking.sol#L203-L211 Vulnerability details Impact The CollateralConfig::initialize function...
6.7AI Score
Command Execution Vulnerability in Pan-Asia Classroom
Pan-Asia Classroom is an online classroom software. A command execution vulnerability exists in Pan-Asia Classroom, which can be exploited by an attacker to execute arbitrary...
7.7AI Score
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware...
Upgraded Q -> 2 from #752 [1677633810856]
Judge has assessed an item in Issue #752 as 2 risk. The relevant finding follows: Possibility of MultiRewardEscrow.claimReward() to be vulnerable to a reentrancy attack There are a bunch of external calls before setting accruedRewards[user][_rewardTokens[i]] to zero. Malicious actors can add some...
6.8AI Score
Panmicro ecology9 SQL Injection Vulnerability
Ecology9 is a new and efficient collaborative office system created by Panmicro for medium and large organizations. There is a SQL injection vulnerability in Panmicro ecology9, which can be exploited by attackers to obtain sensitive database...
3.8AI Score
Congress is currently debating bills that would ban TikTok in the United States. We are here as technologists to tell you that this is a terrible idea and the side effects would be intolerable. Details matter. There are several ways Congress might ban TikTok, each with different efficacies and...
-0.6AI Score
5.3CVSS
6.2AI Score
0.944EPSS
Affected versions: 4.0.0 <= Joomla <= 4.2.7. Unaffected versions: Joomla >= 4.2.8 ...
5.3CVSS
6.2AI Score
0.944EPSS
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary SQL commands via the userCode parameter to the wechat...
9.8CVSS
9.9AI Score
0.001EPSS
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary SQL commands via the userCode parameter to the wechat...
9.8CVSS
10AI Score
0.001EPSS
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary SQL commands via the userCode parameter to the wechat...
9.8CVSS
10AI Score
0.001EPSS
Mozilla Critical Services: Email user accounts indexed in Wayback Machine URLs
Indexing of a large number of user emails on the Internet Archive. When leaked data, like user email addresses, is found in online search engine caches like archive.org, Mozilla rewards bounty hunters who report it in two cases: - The volume of leaked data is large enough to warrant us contacting...
6.8AI Score
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary SQL commands via the userCode parameter to the wechat...
10AI Score
0.001EPSS
Lines of code Vulnerability details Impact In RewardThrottle, both checkRewardUnderflow and fillInEpochGaps call _fillInEpochGaps to fill the state of the previous epoch without profit, the difference being that checkRewardUnderflow will request the reward from the overflowPool and distribute the...
6.7AI Score
Weak password vulnerability exists in CGW9000 of Shanghai Huanchuang Communication Technology Co.
Shanghai Huanchuang Communication Technology Co., Ltd. is a high-tech enterprise focusing on the research and development of wireless communication products for private networks, providing private network solutions for rail transportation, fire emergency, intelligent manufacturing, coal mining,...
6.7AI Score
Weak Password Vulnerability in CGW4700-RC of Shanghai Huanchuang Communication Technology Co.
Shanghai Huanchuang Communication Technology Co., Ltd. is a high-tech enterprise focusing on the research and development of wireless communication products for private networks with wireless communication technology at its core, providing private network solutions for rail transportation, fire...
6.8AI Score
LinearDistributor.declareReward can revert due to its dependency on balance
Lines of code https://github.com/code-423n4/2023-02-malt/blob/main/contracts/RewardSystem/LinearDistributor.sol#L185-L186 https://github.com/code-423n4/2023-02-malt/blob/main/contracts/RewardSystem/LinearDistributor.sol#L123-L136 Vulnerability details Impact LinearDistributor.declareReward will...
6.9AI Score
Weak Password Vulnerability in CGW4900 of Shanghai Huanchuang Communication Technology Co.
Shanghai Huanchuang Communication Technology Co., Ltd. is a high-tech enterprise focusing on the research and development of wireless communication products for private networks with wireless communication technology at its core, providing private network solutions for rail transportation, fire...
6.8AI Score
Lines of code Vulnerability details Impact In LinearDistributor.declareReward , distributed represents the reward to distribute and is calculated using netVest(currentlyVested - previouslyVested). At the same time, distributed cannot exceed balance, which means that if balance < linearBondedValu...
6.9AI Score
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the...
-0.5AI Score
Early staker can disable staking by issuing and sending a tiny amount to Furnace
Lines of code Vulnerability details This one is caused by the mitigation for issue M-05. Impact An early issuer can issue less than one wad (e.g. 9e17 wei) and send it to the Furnace contract; then, whenever anyone tries to issue more RTokens, melt() would be called, and since there's less than 1 wad in...
6.7AI Score
Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)
In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfence's highly...
8.8CVSS
Upgraded Q -> 2 from #206 [1676531414343]
Judge has assessed an item in Issue #206 as 2 risk. The relevant finding follows: Issue 2: receipts are not burned upon claiming reward. In my opinion, the current system of just claiming some tokens to be "used" has some downsides: in any claim check, users spend gas to iterate over these tokens too...
6.8AI Score
There is no way to recover from error state
Lines of code Vulnerability details Impact There is no way to recover from error state Proof of Concept To address report M-3, in PR https://github.com/multisig-labs/gogopool/pull/20/files the finishFailedMinipoolByMultisig method was removed; while this does not block users from withdrawing the funds in...
6.6AI Score
Slashed amount may not cover the staker reward payout
Lines of code Vulnerability details Impact The slashed amount may not cover the staker reward payout Proof of Concept In the current fix, https://github.com/multisig-labs/gogopool/pull/41, if the staked balance cannot cover the slashed amount, the staked balance is seized. Staking staking =...
6.7AI Score
RewardsStartTime should be reset when decreaseAVAXAssigned is called
Lines of code https://github.com/multisig-labs/gogopool/blob/4bcef8b1d4e595c9ba41a091b2ebf1b45858f022/contracts/contract/Staking.sol#L125 https://github.com/multisig-labs/gogopool/blob/4bcef8b1d4e595c9ba41a091b2ebf1b45858f022/contracts/contract/ClaimNodeOp.sol#L78 Vulnerability details Impact...
6.8AI Score
What will it take for policy makers to take cybersecurity seriously? Not minimal-change seriously. Not here-and-there seriously. But really seriously. What will it take for policy makers to take cybersecurity seriously enough to enact substantive legislative changes that would address the...
-0.1AI Score