[ADRIRO-NEW-H-01] VotiumStrategy withdrawal can still be executed with minimal delay
Lines of code Vulnerability details Summary Within the mitigation changes, the sponsor has introduced a minimum delay of one epoch for VotiumStrategy withdrawals, in order to mitigate different issues related to the exposure to CVX . The fix contains an edge case which could still be used to make.....
6.9AI Score
Lines of code Vulnerability details Mitigation of M-07: Issue NOT fully mitigated with ERROR Mitigated issue M-07: Lack of access control and value validation in the reward flow exposes functions to public access The issue was that anyone can deposit rewards to AfEth, and that if AfEth or...
7AI Score
Lines of code Vulnerability details Original Issue M-05: Reward sandwiching in VotiumStrategy Details The issue outlined above is about making instant profit by depositing before the boost happens and withdrawing right after the boost occurs. Those who locked their positions for 16+ weeks get...
6.8AI Score
Internet Behavior Manager (IBM), a new-generation high-performance Internet behavior management product, is equipped with the functions of integrated network access, control, optimization, audit and operation. There is an information leakage vulnerability in Qixingchen Tianyue Network Security...
6.5AI Score
Unleashing the Power of the Internet of Things and Cyber Security
Due to the rapid evolution of technology, the Internet of Things (IoT) is changing the way business is conducted around the world. This advancement and the power of the IoT have been nothing short of transformational in making data-driven decisions, accelerating efficiencies, and streamlining...
7AI Score
Exploit for Improper Authentication in Fit2Cloud Jumpserver
CVE-2023-42442 CVE-2023-42442 JumpServer Session 录像任意下载漏洞...
8.2CVSS
5.4AI Score
0.831EPSS
5.3CVSS
7.4AI Score
0.949EPSS
CVE-2023-5070 Social Media Share Buttons & Social Sharing...
6.5CVSS
6.9AI Score
0.0005EPSS
Exploit for Improper Access Control in Ruijie Rg-Ew1200G Firmware
Ruijie-RG-EW1200G CVE-2023-4169_CVE-2023-3306_CVE-2023-4415...
9.1AI Score
Exploit for Improper Authentication in Ruijienetworks Rg-Ew1200G Firmware
Ruijie-RG-EW1200G CVE-2023-4169_CVE-2023-3306_CVE-2023-4415...
8.8CVSS
8.9AI Score
0.005EPSS
Exploit for Improper Authentication in Ruijienetworks Rg-Ew1200G Firmware
Ruijie-RG-EW1200G CVE-2023-4169_CVE-2023-3306_CVE-2023-4415...
8.8CVSS
8.9AI Score
0.005EPSS
File Upload Vulnerability in Qixingchen Tianyue Network Security Audit System
Providence Peak Network Security Audit System is a compliance management system for fine-grained auditing of users' operations on core IT assets and servers in the network under business environment. A file upload vulnerability exists in Tianyue Network Security Audit System, which can be...
7.3AI Score
9.8CVSS
9.3AI Score
0.003EPSS
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and...
7.5CVSS
7.5AI Score
0.001EPSS
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and...
7.5CVSS
7.5AI Score
0.001EPSS
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and...
7.5CVSS
7.5AI Score
0.001EPSS
Providence Peak Network Security Audit System is a compliance management system for fine-grained auditing of network operation behaviors in business environments. A command execution vulnerability exists in the Tianyue Network Security Audit System of Qixing Information Technology Group Co., Ltd,.....
7.9AI Score
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and...
7.7AI Score
0.001EPSS
Microsoft Defender for Endpoint now stops human-operated attacks on its own
Defenders need every edge they can get in the fight against ransomware. Today, we're pleased to announce that Microsoft Defender for Endpoint customers will now be able automatically to disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other...
7.4AI Score
Microsoft Defender for Endpoint now stops human-operated attacks on its own
Defenders need every edge they can get in the fight against ransomware. Today, we're pleased to announce that Microsoft Defender for Endpoint customers will now be able automatically to disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other...
7.4AI Score
9.8CVSS
9.7AI Score
0.899EPSS
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L237-L253...
6.9AI Score
Validate poolIdx input to prevent storage corruption in critical functions.
Lines of code Vulnerability details Impact No validation on poolIdx input for key functions like claimConcentratedRewards. Could pass invalid poolId and corrupt storage. Proof of Concept The claimConcentratedRewards function. It takes in a poolIdx as one of the parameters: function...
7.2AI Score
Rounding error leading to no reward being sent
Lines of code https://github.com/code-423n4/2023-10-canto/blob/main/canto_ambient/contracts/mixins/LiquidityMining.sol#L277-L280 Vulnerability details Impact Rounding errors could occur if the provided amount is too small, Proof of Concept...
7AI Score
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L87...
6.8AI Score
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L245-L247 Vulnerability details Impact It is possible for a bad player to use flashloan to manipulate the system by making "valuable" LP to get....
6.9AI Score
Manipulation of Overall Liquidity Calculation
Lines of code Vulnerability details Impact in this part in code : https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L276C12-L290C2 is handle the claiming of rewards for liquidity mining. It calculates...
7.1AI Score
The Liquidity mining callpath sidecar owner can pull native tokens from the Dex
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/callpaths/LiquidityMiningPath.sol#L74 Vulnerability details Impact The owner of liquidity mining sidecar can pull the native coins that are stored in the CrocSwapDex to...
6.7AI Score
Race condition on timeWeightedWeeklyGlobalConcLiquidityLastSet_ can lead to incorrect rewards.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L62...
7AI Score
Event not emitted after sensitive action of setting new concentrated and ambient rewards.
Lines of code Vulnerability details Impact The 'setConcRewards' and 'setAmbRewards' doesn't emit event to to signify to all parties involved the new concentrated and ambient results. Proof of Concept A user not aware of new reward price might suppose he/she have been swindled upon realizing that...
7.2AI Score
Access control check in the setAmbRewards and setAmbRewards functions is missing
Lines of code Vulnerability details Impact Any user can call the setAmbRewards and setAmbRewards functions and set their values for weeklyReward, which opens up many attack vectors. For example, it is possible to set a large reward and withdraw all funds from the protocol. Proof of Concept...
7AI Score
Lack of proper access restrictions on functions setConcRewards() and setAmbRewards()
Lines of code Vulnerability details Impact Contract Reward distribution can be drained / manipulated Proof of Concept For setConcRewards() and setAmbRewards(), they are both lack of proper access restrictions, leads to the situation that anyone can execute these functions. This oversight presents.....
7.3AI Score
No access control on protocolCmd and userCmd; potential for abuse.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/callpaths/LiquidityMiningPath.sol#L41-L52 Vulnerability details Impact There is no access control on the protocolCmd and userCmd functions in LiquidityMiningPath. This...
7.4AI Score
Protect against griefing by allowing only owner to manipulate global liquidity.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L156-L168 Vulnerability details Impact There don't seem to be protections against a malicious actor griefing others by manipulating the global.....
6.8AI Score
Lines of code Vulnerability details Impact There is no check that the ticks passed into claimConcentratedRewards actually match the position's ticks. A user could pass in arbitrary ticks to try to claim rewards for liquidity they don't own. Proof of Concept The claimConcentratedRewards function...
6.8AI Score
Lack of validation allows invalid ticks, impacting data integrity.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L29-L31...
7AI Score
Reentrancy is possible in claim functions, which call out via .call().
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L256-L289...
6.8AI Score
LiquidityMining.sol cannot be funded for rewards distribution.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L285-L289 Vulnerability details During a rewards claim LiquidityMining.sol uses a low-level call with the msg.value as the rewardsToSend to the....
7AI Score
Limit accrueConcentratedPositionTimeWeightedLiquidity calls to prevent reward manipulation.
Lines of code https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L69-L154...
6.8AI Score
Front-Running Vulnerability: Exploiting Reward Updates for Maximized Payouts
Lines of code https://github.com/code-423n4/2023-10-canto/blob/main/canto_ambient/contracts/mixins/LiquidityMining.sol#L156-L196 https://github.com/code-423n4/2023-10-canto/blob/main/canto_ambient/contracts/mixins/LiquidityMining.sol#L256-L289 Vulnerability details Impact Malicious users claim...
6.9AI Score
Slippage attack on claiming rewards
Lines of code Vulnerability details Impact Exploiter can abuse slippage to claim more weekly reward. The amount of slippage damage is unclear due to lack of deployment context and testing. Worst case scenario is the exploiter own 100% deposit of single pool allowing extreme slippage to steal...
6.8AI Score
No poolIdx validation; arbitrary values can corrupt storage, require validation.
Lines of code Vulnerability details Impact No validation on poolIdx input for key functions like claimConcentratedRewards. Could pass invalid poolId and corrupt storage. The claimConcentratedRewards function is defined on LiquidityMining.sol. It takes in a poolIdx as one of the parameters function....
7.2AI Score
Lines of code Vulnerability details Impact there is a problem in that contract especiall when updating tickTrackingIndex within the loop an attacker can manipulate the values of enterTimestamp and exitTimestamp to force tickActiveEnd to be significantly larger than tickActiveStart inflate the...
6.8AI Score
Exploit for Out-of-bounds Write in Google Chrome
中文 | EN CVE-2023-4863 libwebp dependency...
9AI Score
Exim finally fixes 3 out of 6 vulnerabilities
Exim is a message transfer agent (MTA) originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million...
7.4AI Score
EPSS
Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of...
6.7AI Score
User Score Not Updated During Interest Claim, Leading to Incorrect Interest Calculations
Lines of code https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/Prime.sol#L597-L601 https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/Prime.sol#L672-L697 Vulnerability details Impact This oversight in the contract logic may lead to incorrect...
7.1AI Score
Incorrect Score calculation in Prime.sol
Lines of code https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/Prime.sol#L872-L897 https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/libs/Scores.sol#L1-L70 Vulnerability details Impact Score is not calculated correctly; improperly high weight.....
7AI Score
Update score system can be bricked
Lines of code Vulnerability details Impact The updateScores function is used to manually update users scores, devlopers have shared their reasoning of this in the documentation. Any change in the alpha and the multipliers will unbalace the reward system because the change cannot be propagated to...
6.9AI Score
Lines of code https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/Prime.sol#L331-L359 https://github.com/code-423n4/2023-09-venus/blob/main/contracts/Tokens/Prime/Prime.sol#L365-L382...
6.9AI Score