U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in....
6.4 AI Score
Russian Hacker “Wazawaka” Indicted for Ransomware
A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavlovich Matveev, a.k.a. "Wazawaka" and "Boriselcin," worked with...
6.9 AI Score
Exploit for Deserialization of Untrusted Data in Apache Kafka
Flink-Kafka-Vul: Apache Flink remote code execution vulnerability. Apache Flink Web...
8.8 CVSS
7.1 AI Score
0.968 EPSS
AMO2 doesn't add the lp balance of the CVXStaker to the withdrawable token amount
Lines of code https://github.com/code-423n4/2023-05-xeth/blob/main/src/AMO2.sol#L599-L606 https://github.com/code-423n4/2023-05-xeth/blob/main/src/AMO2.sol#L631-L638 https://github.com/code-423n4/2023-05-xeth/blob/main/src/CVXStaker.sol#L204-L206 Vulnerability details Impact The lp tokens held by.....
6.7 AI Score
Inconsistent check for LP balance in AMO
Lines of code https://github.com/code-423n4/2023-05-xeth/blob/main/src/AMO2.sol#L600-L604 https://github.com/code-423n4/2023-05-xeth/blob/main/src/AMO2.sol#L632-L636 Vulnerability details Inconsistent check for LP balance in AMO While pulling LP tokens from the CVXStaker contract, the AMO queries.....
6.6 AI Score
preBorrowHook and preRepayHook can call updateRewardTokenBorrowIndex with old borrowIndex
Lines of code Vulnerability details Impact Under normal circumstances, the user calls VToken.borrow, which in turn calls accrueInterest to update borrowIndex, and then calls preBorrowHook to trigger updateRewardTokenBorrowIndex. But since preBorrowHook is an external function, an attacker can directly...
6.8 AI Score
Unfair handling of rewards for users with a high amount of rewards
Lines of code Vulnerability details Users can claim their rewards in RewardDistributor.claimRewardToken(). The reward handling part is done in _grantRewardToken(): 416: function _grantRewardToken(address user, uint256 amount) internal returns (uint256) { 417: uint256 rewardTokenRemaining =...
6.7 AI Score
Lines of code Vulnerability details Proof of Concept The storage array rewardsDistributors will be used to distribute the rewards across the hooks in Comptroller.sol, namely preMintHook(), preRedeemHook(), preBorrowHook(), preRepayHook(), preSeizeHook() and preTransferHook()...
6.7 AI Score
Lines of code Vulnerability details Holders only get the rewards they accrued for supplying when they claim rewards in RewardsDistributor.sol. Summary The holder only gets rewards for supplying instead of getting the rewards for both borrowing and supplying in markets, because in the...
6.8 AI Score
Zero token transfer can cause a potential DoS in CVXStaker
Lines of code Vulnerability details Zero token transfer can cause a potential DoS in CVXStaker The CVXStaker contract doesn't check for zero amount while transferring rewards, which can end up blocking the operation. Impact The CVXStaker contract is in charge of handling interaction with the...
7 AI Score
CVXStaker.sol unable to process newly added rewardTokens
Lines of code Vulnerability details Impact There is no mechanism to modify rewardTokens[]. If Convex adds new extraRewards, CVXStaker.sol cannot transfer the added token. Proof of Concept CVXStaker.sol receives rewardTokens[] in its constructor and, in getReward(), loops over this array to transfer...
6.9 AI Score
Comptroller.sol#healAccount did not call updateRewardTokenBorrowIndex to update the reward
Lines of code Vulnerability details Impact healAccount should call updateRewardTokenBorrowIndex to calculate the reward before affecting the debt value. Proof of Concept Tools Used: manual. Recommended Mitigation Steps: call updateRewardTokenBorrowIndex before healing the account. Assessed type Other The...
6.9 AI Score
Missing transaction expiration check results in asset tokens selling at a lower price
Lines of code Vulnerability details Impact Selling of asset tokens misses the transaction expiration check, which may lead to reward tokens being sold at a price that's lower than the market price at the moment of a swap. Proof of Concept The _swapAsset() function, which is responsible for selling....
6.8 AI Score
Lack of Access Control in claimRewards Function
Lines of code Vulnerability details Impact The calculateNewRewards function should also check whether the rewardsCapped variable is greater than the rewardsClaimedInEpoch_ variable to ensure that rewards are not claimed that exceed the reward cap, because an attacker could exploit this...
6.7 AI Score
Delegation rewards are not counted toward granting fund
Lines of code https://github.com/code-423n4/2023-05-ajna/blob/276942bc2f97488d07b887c8edceaaab7a5c3964/ajna-grants/src/grants/base/StandardFunding.sol#L216-L217 Vulnerability details Impact Each period reserves a reward for granting up to 3% (GBC: Global Budget Constraint). The GBC is split into...
7 AI Score
Division by Zero Vulnerability in _calculateNewRewards function.
Lines of code Vulnerability details Impact The _calculateNewRewards function in the smart contract divides by totalInterestEarnedInPeriod, which could be zero; this can result in a division-by-zero error, causing the smart contract to behave...
6.9 AI Score
Treasury accounting misses voters' rewards
Lines of code Vulnerability details The treasury is overstated over time, as each distribution period adds back the delegate rewards part, which is actually spent on voters' rewards. I.e., it is updated with the fundsAvailable - totalTokensRequested difference, while totalTokensRequested is limited to 90%....
6.6 AI Score
Incorrect calculation of the remaining updatedRewards leads to possible underflow error
Lines of code https://github.com/code-423n4/2023-05-ajna/blob/276942bc2f97488d07b887c8edceaaab7a5c3964/ajna-core/src/RewardsManager.sol#L725 Vulnerability details Impact RewardsManager.sol keeps track of the total number of rewards collected per epoch for all pools: File:...
6.8 AI Score
Lines of code Vulnerability details Impact The current stake function lacks checks to prevent a lender from staking multiple NFTs in the same Ajna pool. This could lead to an abuse of the system where a lender stakes multiple NFTs for the same liquidity position, potentially earning more rewards...
6.7 AI Score
Lines of code https://github.com/code-423n4/2023-05-ajna/blob/d80daab705a066828ef1c5d9ba85f315c7c932db/ajna-core/src/RewardsManager.sol#L207-L260 https://github.com/code-423n4/2023-05-ajna/blob/d80daab705a066828ef1c5d9ba85f315c7c932db/ajna-core/src/PositionManager.sol#L227-L241 Vulnerability...
6.8 AI Score
Logic error in _transferAjnaRewards function
Lines of code Vulnerability details Context: ajna-core/src/RewardsManager.sol: 836 */ 837: function transferAjnaRewards(uint256 rewardsEarned ) internal { 838: // check that rewards earned isn't greater than remaining balance 839: // if remaining balance is...
6.8 AI Score
_updateBucketExchangeRates could possibly revert
Lines of code https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#L693-L731 https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#L697 https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#L653-L655...
7.3 AI Score
Lines of code Vulnerability details Impact The current implementation of the mint function allows a lender to mint multiple position NFTs for the same Ajna pool deposit. This could lead to an inflation of NFTs and potentially disrupt the system's reward distribution, as the lender could stake...
6.9 AI Score
A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The...
7.5 CVSS
7.5 AI Score
0.002 EPSS
A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The....
7.5 CVSS
7.6 AI Score
0.002 EPSS
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown is part of an ongoing international initiative dubbed Operation PowerOFF that's aimed at dismantling criminal DDoS-for-hire infrastructures worldwide. The...
6.6 AI Score
Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC...
6.1 CVSS
6.3 AI Score
0.001 EPSS
Mitigation of M-11: Issue NOT mitigated
Mitigated issue M-11: Residual ETH unreachable and unutilized in SafEth.sol The issue was that the rounding losses from partitioning msg.value in stake() and rebalanceToWeights() were left irretrievably in the contract. Mitigation review Previously rebalanceToWeights() withdrew all staked funds...
6.7 AI Score
Exploit for Improper Ownership Management in Linux Linux Kernel
README: gcc -Wall exp.c `pkg-config fuse --cflags...
7.8 CVSS
7.5 AI Score
0.0004 EPSS
$10M Is Yours If You Can Get This Guy to Leave Russia
The U.S. government this week put a $10 million bounty on a Russian man who for the past 18 years operated Try2Check, one of the cybercrime underground's most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov's card-checking...
6.8 AI Score
VMware Releases Critical Patches for Workstation and Fusion Software
VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based...
6.8 AI Score
0.258 EPSS
Starting a Career in Tech? Learn How Rapid7’s Emerging Talent Programmes Foster Long-Term Success
Rapid7’s Emerging Talent Programmes pave the way for early career professionals to have a successful career in tech. In Belfast, we offer both an Apprentice Programme and a Placement Programme to support new talent coming into the tech field. The Apprentice Programme is designed for individuals...
6.5 AI Score
Reflected Cross-Site Scripting (XSS) vulnerability in Denis 微信机器人高级版 plugin <= 6.0.1...
6.1 CVSS
6.2 AI Score
0.0005 EPSS
Reflected Cross-Site Scripting (XSS) vulnerability in Denis 微信机器人高级版 plugin <= 6.0.1...
7.1 CVSS
5.9 AI Score
0.0005 EPSS
CVE-2022-45837 WordPress 微信机器人高级版 Plugin <= 6.0.1 is vulnerable to Cross Site Scripting (XSS)
Reflected Cross-Site Scripting (XSS) vulnerability in Denis 微信机器人高级版 plugin <= 6.0.1...
7.1 CVSS
6.3 AI Score
0.0005 EPSS
Exploit for SQL Injection in Jeecg Jeecg-Boot
CVE-2023-1454 jmreport/qurestSql unauthenticated SQL injection batch-scanning PoC...
9.8 CVSS
9.3 AI Score
0.091 EPSS
Binary Vulnerability in Unisys Browser by Unisys Software Technology Co.
Unisys Software Technology Co., Ltd. is a company specializing in the development and service of operating systems. Unisys Software Technology Limited Unisys Browser suffers from a binary vulnerability that can be exploited by attackers to execute arbitrary...
7.5 AI Score
Lines of code https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Position.sol#L329-L354 https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/MintingHub.sol#L252-L276 Vulnerability details...
6.7 AI Score
Attacker can extract unlimited ZCHF by setting a high price for a position and challenging it
Lines of code Vulnerability details An attacker can act as both minter and challenger, and profit by setting an arbitrarily high price for a position (way higher than what the collateral really is worth), and then immediately challenging the position. After the challenge succeeds, the attacker...
6.3 AI Score
Results of transferFrom and transfer are not checked.
Lines of code Vulnerability details [M-01] Results of transferFrom and transfer are not checked. This may lead to assets being lost if the transfer somehow fails. Below are some examples: contracts/Position.sol 138: collateral.transferFrom(msg.sender, address(this), newCollateral - colbal); 228:...
6.9 AI Score
Challenger incentives can be inflated with external transfers
Lines of code Vulnerability details Impact The function notifyChallengeSucceeded calculates the volume of ZCHF to be repaid, which is then used to calculate the reward for the challenger. The challenger can however artificially inflate this value. A challenger can start a challenge on an...
6.6 AI Score
Challenging invalid positions can allow an attacker to reward himself with infinite tokens
Lines of code https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L140 Vulnerability details Impact An attacker can mint himself as many Frankencoins as he wants in a single transaction by challenging an invalid position. Proof of Concept Steps overview: Since...
6.8 AI Score
end() reverts if bidder blacklisted by collateral token, griefing challenger
Lines of code https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Position.sol#L269 Vulnerability details A successful challenge can be ended via MintingHub.end(). This transfers challenge.size collateral back to the challenger, before repaying....
6.7 AI Score
Google Pay accidentally handed out free money, bug now fixed
Days ago, several Google Pay users in the US received some unexpected cashback from Google, congratulating them "for dogfooding the Google Pay Remittance experience". Confused (and a tad happy), some looked to Twitter for answers, while others aired their experiences on the /r/googlepay/ Reddit...
6.5 AI Score
Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service Exploit
Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on...
6.5 AI Score
Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS)
Title: Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS) Advisory ID: ZSL-2023-5770 Type: Local Impact: DoS Risk: (3/5) Release Date: 11.04.2023 Summary Google Chrome browser is a free web browser used for accessing the internet and running web-based applications....
7.1 AI Score