Costa Rica continues defence against sustained Conti ransomware attacks
It's not been plain sailing recently for Conti ransomware, the Ransomware as a Service (RaaS) group with several major attacks under its belt. In August last year, a pen tester leaked valuable manuals and documents related to the operation. These leaks continued as the Conti gang expressed support....
0.5AI Score
U.S. Offering $10 Million Reward for Information on Conti Ransomware Hackers
The U.S. State Department has announced rewards of up to $10 million for any information leading to the identification of key individuals who are part of the infamous Conti cybercrime gang. Additionally, it's offering another $5 million for intelligence information that could help arrest or...
1.3AI Score
Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager
CVE-2022-1388 https://support.f5.com/csp/article/K23605346...
9.8CVSS
1.1AI Score
0.975EPSS
Panmicro Cloud Bridge has SQL injection vulnerability
Panmicro Cloud Bridge (e-Bridge) is a system integration middleware for bridging open Internet resources and enterprise information systems. There is a SQL injection vulnerability in Panmicro Cloud Bridge, which can be exploited by attackers to obtain sensitive database...
3.8AI Score
PermissionlessBasicPoolFactory\addPool() doesn’t check whether pool.excessBeneficiary is address(0)
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L252 Vulnerability details Impact In PermissionlessBasicPoolFactory\addPool(), it doesn’t check whether pool.excessBeneficiary is address(0). Therefore, when doing...
6.8AI Score
Re-entrancy attack on the main functions
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L180 Vulnerability details Impact A malicious token, or one that implemented transfer hooks, could re-enter the public calling function (such as withdraw()) before proper internal.....
6.7AI Score
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L110 https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L227 Vulnerability details Impact Upon pool creation, the pool...
6.7AI Score
Lines of code Vulnerability details Impact Function deposit() of PermissionlessBasicPoolFactory is supposed to revert if a user sends an uninitialized poolId by mistake, but if a user does this, an attacker can perform a front-running attack, create multiple pools with his smart contract and be the owner of that...
6.9AI Score
Users Can Prevent Excess Tokens From Being Withdrawn By The Pool Creator In withdrawExcessRewards()
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L185-L189 https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L221 Vulnerability details Impact Because pools will likely never.....
6.9AI Score
Not all ERC20 tokens return boolean on transfer
Lines of code Vulnerability details Impact Some ERC20 tokens do not conform to the standard of returning a boolean when transfer is called. If one of these tokens is included as a reward token, the withdraw function will be irrevocably broken, and users won't be able to collect their reward or...
6.8AI Score
PermissionlessBasicPoolFactory use hard coded decimals of 18
Lines of code Vulnerability details Once the reward/deposit token decimals differ from 18, the calculations with a hard-coded 1e18 become grossly incorrect. This leads either to receiving no rewards: say the deposit is USDC with 6 decimals; being divided by 1e18 it adds 1e-12 to the rewards...
6.8AI Score
PermissionlessBasicPoolFactory.sol Does Not Support Reward Tokens With Decimals Other Than 18
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L220 https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L279-L283...
6.7AI Score
PermissionlessBasicPoolFactory.sol Does Not Support Reward Tokens With Decimals Other Than 18
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L156-L173 https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L142...
6.7AI Score
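The decimals problem in the three findings above, as an added example that is not FactoryDAO's code: a reward calculation that divides a raw deposit by a hard-coded 1e18 beside one that lifts the deposit into 18-decimal fixed point through the token's own decimals() and drops the result into the reward token's decimals. The names (DecimalsMath, RewardMath, the wad-denominated rate) are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added example, not PermissionlessBasicPoolFactory code. Only decimals() is needed from the tokens.
interface IERC20Metadata {
    function decimals() external view returns (uint8);
}

// Moves raw token amounts into and out of an 18-decimal fixed-point ("wad") space.
library DecimalsMath {
    function toWad(uint256 amount, uint8 decimals) internal pure returns (uint256) {
        if (decimals == 18) return amount;
        if (decimals < 18) return amount * 10 ** (18 - decimals);
        return amount / 10 ** (decimals - 18);
    }

    function fromWad(uint256 wad, uint8 decimals) internal pure returns (uint256) {
        if (decimals == 18) return wad;
        if (decimals < 18) return wad / 10 ** (18 - decimals); // dust below one reward unit is truncated
        return wad * 10 ** (decimals - 18);
    }
}

contract RewardMath {
    using DecimalsMath for uint256;

    // Bug shape from the findings: rateWad is "reward tokens per deposit token per second" scaled by 1e18,
    // and the RAW deposit is divided straight by 1e18. That is only right when both tokens have 18 decimals.
    // 100 USDC (100e6 raw) at rateWad = 1e18 for 1 second into an 18-decimal reward token
    // yields 100e6 raw reward units, i.e. 1e-10 tokens: effectively no reward.
    // The reverse pair (18-decimal deposit, 6-decimal reward) yields 100e18 raw = 1e14 tokens.
    function rewardHardcoded(uint256 depositRaw, uint256 rateWad, uint256 secs) public pure returns (uint256) {
        return depositRaw * rateWad * secs / 1e18;
    }

    // Corrected: normalize the deposit to 18 decimals, apply the wad rate, then convert into the
    // reward token's decimals. For the two cases above this returns 100e18 and 100e6 respectively.
    function rewardNormalized(
        uint256 depositRaw,
        uint8 depositDecimals,
        uint256 rateWad,
        uint256 secs,
        uint8 rewardDecimals
    ) public pure returns (uint256) {
        uint256 depositWad = depositRaw.toWad(depositDecimals);
        uint256 rewardWad = depositWad * rateWad * secs / 1e18;
        return rewardWad.fromWad(rewardDecimals);
    }

    // Same computation with decimals read from the tokens themselves.
    function rewardFor(
        address depositToken,
        address rewardToken,
        uint256 depositRaw,
        uint256 rateWad,
        uint256 secs
    ) external view returns (uint256) {
        return rewardNormalized(
            depositRaw,
            IERC20Metadata(depositToken).decimals(),
            rateWad,
            secs,
            IERC20Metadata(rewardToken).decimals()
        );
    }
}
```

Reading decimals() at pool creation and storing it is cheaper than calling it on every withdraw, and it also pins the value if a token's metadata is upgradeable; decimals() is optional in ERC20, so a pool that accepts arbitrary tokens should reject ones where the call fails rather than assume 18.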
Reward Token Transfer Failure Can Lead to Loss of Deposit in PermissionlessBasicPoolFactory
Lines of code Vulnerability details Impact If transfer of any reward token returns False or reverts for whatever reason, users who deposited will not be able to withdraw their deposit. A malicious pool creator could abuse this to lock tokens from victims by using two reward tokens, one...
6.7AI Score
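The two transfer-return findings above (tokens that return no boolean, and reward transfers that fail and lock the deposit), as one added example that is not the FactoryDAO pool code. It shows why a pool calling a no-return token through a bool-returning interface reverts on every withdraw, a return-value-tolerant transfer helper, and a withdraw that pays the deposit out first and books a failed reward transfer instead of reverting. SafeTransfer, Pool, credit() and the two stand-in tokens are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added example, not PermissionlessBasicPoolFactory code.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Stand-in for a USDT-style token whose transfer() returns nothing. Constructed for this example.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;
    constructor(address holder, uint256 supply) { balanceOf[holder] = supply; }
    function transfer(address to, uint256 amount) external {
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
    }
}

// Stand-in for a token that signals failure by returning false instead of reverting.
contract FalseReturnToken {
    function transfer(address, uint256) external pure returns (bool) { return false; }
}

library SafeTransfer {
    // True only when the call succeeded and either returned no data (from an address that has code)
    // or returned a decodable true. Never reverts on the token's behalf.
    function tryTransfer(address token, address to, uint256 amount) internal returns (bool) {
        (bool ok, bytes memory data) = token.call(abi.encodeWithSelector(IERC20.transfer.selector, to, amount));
        if (!ok) return false;
        if (data.length == 0) return token.code.length > 0;
        return data.length >= 32 && abi.decode(data, (bool));
    }
}

contract Pool {
    using SafeTransfer for address;

    address public immutable depositToken;
    address public immutable rewardToken;
    mapping(address => uint256) public deposits;
    mapping(address => uint256) public rewards;       // accrued, not yet paid
    mapping(address => uint256) public unpaidRewards; // reward transfers that failed, claimable later

    constructor(address _depositToken, address _rewardToken) {
        depositToken = _depositToken;
        rewardToken = _rewardToken;
    }

    // Hypothetical accrual hook standing in for deposit() and reward accounting; unauthenticated, demo only.
    function credit(address user, uint256 depositAmount, uint256 rewardAmount) external {
        deposits[user] += depositAmount;
        rewards[user] += rewardAmount;
    }

    // Bug shape from the findings: the reward transfer goes through the bool-returning interface and must
    // succeed before the deposit is returned. With NoReturnToken as the reward token the ABI decoder finds
    // no return data and reverts; with FalseReturnToken the require fails. Either way the deposit is stuck.
    function withdrawUnsafe() external {
        uint256 d = deposits[msg.sender];
        uint256 r = rewards[msg.sender];
        deposits[msg.sender] = 0;
        rewards[msg.sender] = 0;
        require(IERC20(rewardToken).transfer(msg.sender, r), "reward transfer failed");
        require(IERC20(depositToken).transfer(msg.sender, d), "deposit transfer failed");
    }

    // Hardened: state is settled first, the deposit goes back through the tolerant helper, and a failing
    // reward transfer is booked as unpaid rather than reverting the withdrawal.
    function withdrawSafe() external {
        uint256 d = deposits[msg.sender];
        uint256 r = rewards[msg.sender];
        deposits[msg.sender] = 0;
        rewards[msg.sender] = 0;
        require(depositToken.tryTransfer(msg.sender, d), "deposit transfer failed");
        if (r > 0 && !rewardToken.tryTransfer(msg.sender, r)) {
            unpaidRewards[msg.sender] += r;
        }
    }

    function claimUnpaid() external {
        uint256 r = unpaidRewards[msg.sender];
        unpaidRewards[msg.sender] = 0;
        require(rewardToken.tryTransfer(msg.sender, r), "reward transfer failed");
    }
}
```

The decoupling matters more than the helper: even with a tolerant transfer, a pool creator who picks a reward token that always fails (or pauses it) can still block withdrawals if the deposit refund sits behind the reward payout, so the deposit leg must never depend on the reward leg.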
Pool Creators Can Reject Taxes From Being Withdrawn
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/PermissionlessBasicPoolFactory.sol#L224-L231 Vulnerability details Impact Upon pool creation, stakers can opt to earn rewards by staking their deposit tokens. When these deposit tokens are withdrawn, reward tokens...
6.7AI Score
Lines of code https://github.com/code-423n4/2022-05-factorydao/blob/db415804c06143d8af6880bc4cda7222e5463c0e/contracts/PermissionlessBasicPoolFactory.sol#L224 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept If an attacker makes many deposits of 1...
6.7AI Score
Steer clear of fake premium mobile app unlockers
A site has been bouncing around YouTube comments for the past couple of weeks. The site sometimes changes, the messages alter slightly, but the essence remains the same: In all cases, people acting in suspiciously automated fashion ask if everyone is using this "glitch" or generator without ever...
-0.2AI Score
Airdrop phishing: what is it, and how is my cryptocurrency at risk?
Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures scammers get a slice of the money pie. You may well have heard the term in passing, and wondered what an Airdrop is. Is your iPhone about to be Airdrop...
7AI Score
Lines of code https://github.com/code-423n4/2022-04-mimo/blob/b18670f44d595483df2c0f76d1c57a7bfbfbc083/core/contracts/liquidityMining/v2/GenericMinerV2.sol#L88-L94 Vulnerability details Impact Users aware of this vulnerability could effectively steal a portion of liquidity mining rewards from...
6.7AI Score
Lines of code Vulnerability details Impact An attacker can generate more PAR and MIMO rewards for himself and steal others' rewards by staking in VotingEscrow and then calling updateBoost() (which updates user.stakeWithBoost based on the user's boost multiplier, which is itself based on the user's VotingEscrow balance)...
6.8AI Score
In GenericMinerV2 get more reward by staking in votingEscrow and calling syncStake()
Lines of code https://github.com/code-423n4/2022-04-mimo/blob/b18670f44d595483df2c0f76d1c57a7bfbfbc083/core/contracts/liquidityMining/v2/VotingMinerV2.sol#L67-L71 Vulnerability details Impact User can withdraw & deposit in votingEscrow contract and then call syncStake() function of VotingMinerV2...
7AI Score
Manager or owner can send rewards to any address
Lines of code Vulnerability details Impact In the claimRewards function, manager or owner can send rewards to any address. function claimRewards(address _to) external onlyManagerOrOwner returns (bool) { require(_to != address(0), "AaveV3YS/payee-not-zero-address"); address[] memory...
6.9AI Score
Exploit for Code Injection in Vmware Spring Framework
Vulnerability overview: Spring recently disclosed a major CVE; the CVE description states "A Spring MVC or Spring...
9.8CVSS
10AI Score
0.975EPSS
claimRewards() didn't follow the checks-effects pattern
Judge @GalloDaSballo has assessed the 2nd item in QA Report #230 as Medium risk. The relevant finding follows: … Impact A user can claim a reward by calling claimRewards(); however, this function didn't follow the correct checks-effects pattern, where the zero address is set after making an...
6.9AI Score
Reentrancy in claimRewards in ConcurRewardPool
Judge @GalloDaSballo has assessed the 1st item in QA Report #163 as Medium risk. The relevant finding follows: … Reentrancy in claimRewards in ConcurRewardPool The function claimRewards is open to reentrancy: if the safeTransfer function of a token calls claimRewards again, the tokens can be...
6.9AI Score
Lines of code https://github.com/code-423n4/2022-04-mimo/blob/b18670f44d595483df2c0f76d1c57a7bfbfbc083/core/contracts/liquidityMining/PARMiner.sol#L257-L279 Vulnerability details Impact For the PARMiner and DemandMiner contracts, arbitrage bots could harvest significant portion of rewards by...
6.7AI Score
Cisco Adaptive Security Appliance and Firepower Threat Defense information disclosure vulnerability
Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software are both products of Cisco, Inc. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides highly secure access to data and network resources, among other...
1.8AI Score
Beijing Netnifty Security Gateway has a weak password vulnerability
Beijing Netnifty Information Technology Company is a leading enterprise in the domestic information security industry, specializing in the research and development, production and sales of information security products, and providing hierarchical overall security solutions and security...
1.5AI Score
Judge @GalloDaSballo has assessed the 11th item in QA Report #26 as Medium risk. The relevant finding follows: … Contract: https://github.com/code-423n4/2022-02-concur/blob/main/contracts/StakingRewards.sol In the notifyRewardAmount function, if the admin added a reward of 100 once block.timestamp >=...
6.8AI Score
Potential reentrance in claimRewards
Judge @GalloDaSballo has assessed the 1st item in QA Report #36 as Medium risk. The relevant finding follows: … POC IERC20(_tokens[i]).safeTransfer(msg.sender, getting); reward[msg.sender][_tokens[i]] = 0; Considering there are exterTokens, it is possible that some token...
6.9AI Score
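The claimRewards reentrancy described in the three Concur QA findings above (and the transfer-hook re-entry in the FactoryDAO finding earlier on this page), as an added example that is not ConcurRewardPool or FactoryDAO code. A pool that transfers before zeroing the owed amount sits beside one that zeroes first and carries a reentrancy guard; a token with a recipient hook (standing in for ERC777's tokensReceived()) and a recipient that re-enters from that hook are constructed so the difference can be exercised. All contract and function names are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added example, not ConcurRewardPool or FactoryDAO code.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface ITokenReceiver {
    function onTokenReceived(address token, uint256 amount) external;
}

interface IRewardPool {
    function claimRewards(address[] calldata tokens) external;
}

// Bug shape from the findings: the external transfer happens before reward[user][token] is zeroed.
contract VulnerableRewardPool is IRewardPool {
    mapping(address => mapping(address => uint256)) public reward; // user => token => owed

    function fund(address user, address token, uint256 amount) external { reward[user][token] += amount; } // demo only

    function claimRewards(address[] calldata tokens) external override {
        for (uint256 i = 0; i < tokens.length; i++) {
            uint256 owed = reward[msg.sender][tokens[i]];
            if (owed == 0) continue;
            require(IERC20(tokens[i]).transfer(msg.sender, owed), "transfer failed"); // interaction first...
            reward[msg.sender][tokens[i]] = 0;                                         // ...effect too late
        }
    }
}

// Hardened: effect before interaction, plus a guard for every function that touches this state.
contract HardenedRewardPool is IRewardPool {
    mapping(address => mapping(address => uint256)) public reward;
    uint256 private _status = 1;

    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    function fund(address user, address token, uint256 amount) external { reward[user][token] += amount; }

    function claimRewards(address[] calldata tokens) external override nonReentrant {
        for (uint256 i = 0; i < tokens.length; i++) {
            uint256 owed = reward[msg.sender][tokens[i]];
            if (owed == 0) continue;
            reward[msg.sender][tokens[i]] = 0;                                         // effect first
            require(IERC20(tokens[i]).transfer(msg.sender, owed), "transfer failed"); // then interaction
        }
    }
}

// Token that hands control to a contract recipient on every transfer. Constructed for this example.
contract HookedToken is IERC20 {
    mapping(address => uint256) public balanceOf;
    constructor(address holder, uint256 supply) { balanceOf[holder] = supply; }

    function transfer(address to, uint256 amount) external override returns (bool) {
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        if (to.code.length > 0) ITokenReceiver(to).onTokenReceived(address(this), amount);
        return true;
    }
}

// Recipient that re-enters claimRewards() from the hook. Against VulnerableRewardPool, attack() is paid
// (depth + 1) times what it is owed, provided the pool holds that much; against HardenedRewardPool the
// re-entry hits the guard, the hook reverts, and the whole attack() call reverts.
contract Reenterer is ITokenReceiver {
    IRewardPool public immutable pool;
    address public immutable token;
    uint256 public depth;

    constructor(IRewardPool _pool, address _token) { pool = _pool; token = _token; }

    function attack() external { _claim(); }

    function onTokenReceived(address, uint256) external override {
        if (msg.sender == token && depth < 3) { depth++; _claim(); }
    }

    function _claim() internal {
        address[] memory t = new address[](1);
        t[0] = token;
        pool.claimRewards(t);
    }
}
```

Zeroing before the transfer is the fix that actually removes the bug; with that alone the re-entrant call reads owed == 0 and simply continues, so a hooked token gets paid exactly once. The guard is belt-and-braces for sibling functions (stake, withdraw, notify) that read the same mapping and would otherwise be reachable from the hook with half-updated state.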
U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers
The U.S. government on Tuesday announced up to $10 million in rewards for information on six hackers associated with the Russian military intelligence service. "These individuals participated in malicious cyber activities on behalf of the Russian government against U.S. critical infrastructure in.....
1.5AI Score
AmmGauge stake allows for reentrancy that can lead to stealing the contract balance
Lines of code Vulnerability details Impact Some ERC20 tokens allow the user to control execution. For example, ERC777 has a tokensReceived() hook, so a reentrancy can be performed with any such token. AmmGauge stake does not guard against reentrancy and uses the balance difference...
7AI Score
_incrementGaugeWeight allows user to add weight to nonexistent gauges
Lines of code Vulnerability details Impact A user adds weight to a gauge that hasn't been added. In addition to adding to a nonexistent gauge, it also increments _totalWeight, which only contains weight for live gauges. This value then results in...
6.8AI Score
setFlywheelRewards can take any rewardToken
Lines of code Vulnerability details Impact Though setFlywheelRewards has requiresAuth, it still carries a rug risk: a privileged user can move all rewardToken held by flywheelRewards to a new (malicious) newFlywheelRewards unconditionally. Proof of Concept A malicious user or a compromised admin can call...
6.8AI Score
[WP-H15] AmmConvexGauge.sol#poolCheckpoint() cvxStakedIntegral can be manipulated by the attacker
Lines of code Vulnerability details function poolCheckpoint() public virtual override returns (bool) { if (killed) { return false; } uint256 timeElapsed = block.timestamp - uint256(ammLastUpdated); uint256 currentRate =...
6.8AI Score
FlywheelCore's setFlywheelRewards can remove access to reward funds from current users
Lines of code Vulnerability details Impact FlywheelCore.setFlywheelRewards can remove current reward funds from the current users' reach, as it doesn't check that newFlywheelRewards' FlywheelCore is this contract. If it's not, by mistake or with malicious intent, the users will lose access to...
6.8AI Score
Lines of code Vulnerability details Impact The bug in the "StakerVault.transfer" function (which is externally callable) is that it first updates the balances of sender and receiver and then calls ILpGauge(lpGauge).userCheckpoint for those addresses. The userCheckpoint function uses the balance of the address to...
6.7AI Score
Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal
Security researchers have disclosed a security issue that could have allowed attackers to weaponize the VirusTotal platform as a conduit to achieve remote code execution (RCE) on unpatched third-party sandboxing machines employed by antivirus engines. The flaw, now patched, made it possible to...
10CVSS
2.2AI Score
0.975EPSS
Exploit for Uncontrolled Search Path Element in Honeywell Softmaster
CVE-2022-2333 Spent the better part of a year on this; here is something nice to look at. Do you all like sxf vpn? I don't much like it...
8.8CVSS
0.3AI Score
0.001EPSS
Exploit for Command Injection in Gerapy
cve-2021-32849 cve-2021-32849 (Gerapy command execution) Usage...
8.8CVSS
8.8AI Score
0.033EPSS
FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide
The U.S. Federal Bureau of Investigation (FBI) is sounding the alarm on the BlackCat ransomware-as-a-service (RaaS), which it said had victimized at least 60 entities worldwide as of March 2022 since its emergence last November. Also called ALPHV and Noberus, the malware is notable for being...
0.9AI Score
User can steal all rewards due to checkpoint after transfer
Lines of code Vulnerability details Impact I believe this to be a high severity vulnerability that is potentially included in the currently deployed StakerVault.sol contract also. The team will be contacted immediately following the submission of this report. In StakerVault.sol, the user...
6.7AI Score
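The checkpoint-after-transfer ordering in the two StakerVault findings above, as an added example that is not the Backd StakerVault or LpGauge code: a minimal integral-style gauge, a vault that moves balances and then checkpoints (so a fresh recipient is credited with its new balance against the whole reward history), and the fixed ordering that settles both parties at their old balances first. Gauge, VaultBase, accrue() and setGauge() are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added example, not Backd StakerVault/LpGauge code.
interface IVault {
    function balanceOf(address user) external view returns (uint256);
}

// Minimal gauge: rewards accrue as a cumulative integral of reward-per-staked-token (18 decimals).
// A user's claimable amount grows by balance * (integral - integral at their last checkpoint).
contract Gauge {
    IVault public immutable vault;
    uint256 public integral;                        // cumulative reward per token, wad
    mapping(address => uint256) public integralFor; // integral at the user's last checkpoint
    mapping(address => uint256) public claimable;

    constructor(IVault _vault) { vault = _vault; }

    // Stands in for time-based accrual; demo only.
    function accrue(uint256 rewardPerTokenWad) external { integral += rewardPerTokenWad; }

    function userCheckpoint(address user) external {
        uint256 bal = vault.balanceOf(user); // reads whatever balance the vault reports RIGHT NOW
        claimable[user] += bal * (integral - integralFor[user]) / 1e18;
        integralFor[user] = integral;
    }
}

abstract contract VaultBase is IVault {
    mapping(address => uint256) public override balanceOf;
    Gauge public gauge;

    constructor(address holder, uint256 supply) { balanceOf[holder] = supply; }
    function setGauge(Gauge g) external { gauge = g; } // unauthenticated, demo only

    function _move(address from, address to, uint256 amount) internal {
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
    }
    function _checkpoint(address a, address b) internal {
        gauge.userCheckpoint(a);
        gauge.userCheckpoint(b);
    }
    function transfer(address to, uint256 amount) external virtual;
}

// Bug shape from the findings. Walkthrough: Alice holds 100e18, accrue(1e18) runs, Alice transfers
// everything to a never-checkpointed Bob. Alice is checkpointed at 0 (earns nothing), Bob is
// checkpointed at 100e18 against integralFor[Bob] == 0 and is credited 100e18. Bob then transfers to a
// fresh Carol and the same 100e18 is credited again; every hop to a new address mints another share.
contract VulnerableVault is VaultBase {
    constructor(address holder, uint256 supply) VaultBase(holder, supply) {}
    function transfer(address to, uint256 amount) external override {
        _move(msg.sender, to, amount);
        _checkpoint(msg.sender, to);
    }
}

// Fixed: settle both parties on their OLD balances, then move tokens. In the walkthrough Alice is
// credited 100e18 (which she earned), Bob is credited 0 and pinned to the current integral, and later
// hops credit nothing extra.
contract FixedVault is VaultBase {
    constructor(address holder, uint256 supply) VaultBase(holder, supply) {}
    function transfer(address to, uint256 amount) external override {
        _checkpoint(msg.sender, to);
        _move(msg.sender, to, amount);
    }
}
```

The same ordering rule applies to mint and burn paths: any code that changes a balance the gauge will read must checkpoint the affected accounts before the change, or the gauge must track balances itself and ignore the vault's.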
FlywheelCore.setBooster() can be used to steal unclaimed rewards
Lines of code Vulnerability details Impact A malicious authorized user can steal all unclaimed rewards and break the reward accounting. Even if the authorized user is benevolent, the fact that there is a rug vector available may negatively impact the protocol's reputation. Furthermore, since this...
6.9AI Score
Exploit for Incorrect Default Permissions in Kingsoft Wps Office
CVE-2022-24934 Vulnerability overview WPS...
7.8CVSS
6.8AI Score
0.001EPSS
Beware of fake Twitter philanthropists offering to put $750 into your Cash App account
Twitter philanthropists are a controversial emergence on the social media platform. In essence, Twitter-based philanthropy is about incredibly rich people helping out those who need it. The help is random, and often focused around performing a task like listening to a podcast or simply retweeting.....
0.1AI Score
Lines of code Vulnerability details Impact The _incrementGaugeWeight function is used to increase the user's weight on the gauge. However, in the _incrementGaugeWeight function, it is only checked that the gauge parameter is not in _deprecatedGauges, but not checked that the gauge parameter is in.....
6.6AI Score
WordPress VikBooking Hotel Booking Engine & PMS plugin information disclosure vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress VikBooking Hotel...
1.7AI Score
Exploit for Unrestricted Upload of File with Dangerous Type in Elementor Website Builder
CVE-2022-1329-WordPress-Elementor-RCE...
8.8CVSS
8.8AI Score
0.96EPSS
Tyler Technologies Tyler Odyssey information disclosure vulnerability
Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, Inc. An information disclosure vulnerability exists in versions of Tyler Technologies Tyler Odyssey prior to 17.1.20, which stems from an insecure direct object reference issue in the platform. An...
7.5CVSS
2AI Score
0.002EPSS
IBM Aspera High-Speed Transfer information disclosure vulnerability
IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which.....
3.6AI Score