Lucene search

K

微信打赏(Wechat Reward) Security Vulnerabilities

code423n4
code423n4

end() reverts if bidder blacklisted by collateral token, grieving challenger

Lines of code https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Position.sol#L269 Vulnerability details A successful challenge can be ended via MintingHub.end(). This transfers challenge.size collateral back to the challenger, before repaying....

6.7AI Score

2023-04-19 12:00 AM
5
githubexploit
githubexploit

Exploit for SQL Injection in Jeecg Jeecg-Boot

CVE-2023-1454 CVE-2023-1454漏洞检测脚本...

9.8CVSS

9.3AI Score

0.091EPSS

2023-04-13 07:56 PM
187
githubexploit
githubexploit

Exploit for SQL Injection in Jeecg Jeecg-Boot

CVE-2023-1454 CVE-2023-1454漏洞检测脚本...

9.8CVSS

9.3AI Score

0.091EPSS

2023-04-13 07:56 PM
345
malwarebytes
malwarebytes

Google Pay accidentally handed out free money, bug now fixed

Days ago, several Google Pay users in the US received some unexpected cashback from Google, congratulating them "for dogfooding the Google Pay Remittance experience". Confused (and a tad happy), some looked to Twitter for answers, while others aired their experiences on the /r/googlepay/ Reddit...

6.5AI Score

2023-04-13 02:00 AM
9
zdt
zdt

Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service Exploit

Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on...

6.5AI Score

2023-04-12 12:00 AM
183
zeroscience
zeroscience

Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Title: Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash (macOS) Advisory ID: ZSL-2023-5770 Type: Local Impact: DoS Risk: (3/5) Release Date: 11.04.2023 Summary Google Chrome browser is a free web browser used for accessing the internet and running web-based applications....

7.1AI Score

2023-04-11 12:00 AM
129
githubexploit
githubexploit

Exploit for SQL Injection in Jeecg Jeecg-Boot

CVE-2023-1454 jmreport/qurestSql 未授权SQL注入批量扫描poc...

9.8CVSS

9.3AI Score

0.091EPSS

2023-04-07 03:30 AM
223
githubexploit

7.5CVSS

7.9AI Score

0.885EPSS

2023-04-06 12:29 PM
190
thn
thn

Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not...

9.8CVSS

9.8AI Score

0.955EPSS

2023-04-04 01:16 PM
56
code423n4
code423n4

Upgraded Q -> 2 from #17 [1680620822176]

Judge has assessed an item in Issue #17 as 2 risk. The relevant finding follows: [L-10] It is possible in theory that stakes get locked due to call to LockTo with very small reward amount I pointed out and explained in my report #7 MuteBond.sol: deposit function reverts if remaining payout is very....

6.7AI Score

2023-04-04 12:00 AM
3
code423n4
code423n4

Upgraded Q -> 2 from #17 [1680620718364]

Judge has assessed an item in Issue #17 as 2 risk. The relevant finding follows: [L-05] Check that staking cannot occur when endTime is reached The MuteAmplifier.stake function should require that the current timestamp is smaller than endTime even when the call to stake is the first that ever...

6.7AI Score

2023-04-04 12:00 AM
3
openbugbounty
openbugbounty

reward-partners.net Cross Site Scripting vulnerability OBB-3245111

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

5.9AI Score

2023-04-03 08:19 AM
11
code423n4
code423n4

Award is still distributed when there aren't any stakers, allowing users to get reward without staking

Lines of code Vulnerability details Proof of Concept Consider the update modifier for the amplifier. modifier update() { if (_mostRecentValueCalcTime == 0) { _mostRecentValueCalcTime = firstStakeTime; } uint256 totalCurrentStake = totalStake(); if...

6.8AI Score

2023-04-03 12:00 AM
7
code423n4
code423n4

MuteAmplifier.rescueTokens() checks the wrong condition for muteToken

Lines of code Vulnerability details Impact There will be 2 impacts. The reward system would be broken as the rewards can be withdrawn before starting staking. Some rewards would be locked inside the contract forever as it doesn't check totalReclaimed Proof of Concept rescueTokens() checks the...

6.9AI Score

2023-04-03 12:00 AM
4
code423n4
code423n4

A user can 'borrow' dMute balance for a single block to increase their amplifier APY

Lines of code Vulnerability details The amplifier's APY is calculated based on the user's dMute balance (delegation balance to be more accurate) - the more dMute the user holds the higher APY they get. However, the contract only checks the user's dMute balance at staking, the user doesn't have to.....

6.7AI Score

2023-04-03 12:00 AM
2
code423n4
code423n4

An edge case in amplifier allows user to stake after end time, causing reward to be locked in the contract

Lines of code Vulnerability details Proof of Concept Observe that if nobody has staked after the period has ended, it's still possible for a single user to stake even though the period has ended....

6.7AI Score

2023-04-03 12:00 AM
6
code423n4
code423n4

Logic for RescueTokens is incorrect for muteTokens

Lines of code Vulnerability details Proof of Concept The logic for RescueTokens doesn't take into account the reward remainders. I wanted to write a POC but I'm in a bit of a time crunch. So, imagine the following situation: totalRewards = 100, and staker A, B (the only stakers) staked for the...

6.8AI Score

2023-04-03 12:00 AM
4
packetstorm

10CVSS

8.9AI Score

0.976EPSS

2023-04-03 12:00 AM
206
code423n4
code423n4

MuteAmplifier.rescueTokens() should check conditions for fee tokens(token0/token1) as well

Lines of code Vulnerability details Impact rescueTokens() can be used to withdraw fee tokens without any validations. As a result, the reward logic would be broken due to the lack of fee tokens. Proof of Concept rescueTokens() doesn't validate anything for the fee tokens. So if some fee tokens...

6.9AI Score

2023-04-03 12:00 AM
2
zdt

10CVSS

9.3AI Score

0.976EPSS

2023-04-02 12:00 AM
347
code423n4
code423n4

MuteAmplifier.sol: multiplier calculation is incorrect which leads to loss of rewards for almost all stakers

Lines of code https://github.com/code-423n4/2023-03-mute/blob/4d8b13add2907b17ac14627cfa04e0c3cc9a2bed/contracts/amplifier/MuteAmplifier.sol#L366-L388 https://github.com/code-423n4/2023-03-mute/blob/4d8b13add2907b17ac14627cfa04e0c3cc9a2bed/contracts/amplifier/MuteAmplifier.sol#L417-L460...

6.7AI Score

2023-04-02 12:00 AM
5
exploitdb

10CVSS

7.7AI Score

EPSS

2023-04-01 12:00 AM
217
code423n4
code423n4

Users might lose their stETH rebased reward due to the weights change

Lines of code Vulnerability details Vulnerability Details Let's consider the following scenario: Bob deposits 10eth with the weights: stETH: weights[0] = 90e18, rETH: weights[1] = 5e18. sfrxETH: weights[2] = 5e18 Now, since the Lido has 80% of liquid staking market, Asymmetry Finance...

6.7AI Score

2023-03-30 12:00 AM
11
openbugbounty
openbugbounty

reward-partners.org Cross Site Scripting vulnerability OBB-3240056

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

5.9AI Score

2023-03-29 09:04 AM
10
githubexploit
githubexploit

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Minio

CVE-2023-28432 CVE-2023-28432 MinIO敏感信息泄露检测脚本 Usage ```...

7.5CVSS

7.9AI Score

0.885EPSS

2023-03-29 01:26 AM
285
schneier
schneier

Hacks at Pwn2Own Vancouver 2023

An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model...

7.3AI Score

2023-03-27 11:03 AM
23
githubexploit

7.5CVSS

7.9AI Score

0.885EPSS

2023-03-24 08:13 AM
260
githubexploit
githubexploit

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Minio

minio_unauth_check CVE-2023-28432,minio信息泄露检测工具...

8AI Score

2023-03-24 03:15 AM
249
github
github

weixin-python XML External Entity vulnerability

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The name....

9.8CVSS

9.3AI Score

0.002EPSS

2023-03-21 06:30 PM
12
osv
osv

weixin-python XML External Entity vulnerability

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The name....

9.8CVSS

9.3AI Score

0.002EPSS

2023-03-21 06:30 PM
8
cve
cve

CVE-2018-25082

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The...

9.8CVSS

9.5AI Score

0.002EPSS

2023-03-21 06:15 PM
24
nvd
nvd

CVE-2018-25082

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The...

9.8CVSS

7.1AI Score

0.002EPSS

2023-03-21 06:15 PM
osv
osv

CVE-2018-25082

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The...

9.8CVSS

9.8AI Score

0.002EPSS

2023-03-21 06:15 PM
2
prion
prion

Xxe

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The...

9.8CVSS

9.5AI Score

0.002EPSS

2023-03-21 06:15 PM
7
cvelist
cvelist

CVE-2018-25082 zwczou WeChat SDK Python to_xml xml external entity reference

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The...

6.3CVSS

9.6AI Score

0.002EPSS

2023-03-21 06:00 PM
githubexploit
githubexploit

Exploit for Missing Authentication for Critical Function in Linuxfoundation Harbor

CVE-2022-46463 (Harbor public镜像下载) Harbor是一款开源的镜像托管平台。...

7.5CVSS

7.6AI Score

0.076EPSS

2023-03-21 10:40 AM
287
code423n4
code423n4

bootloader doesn't add tighter gas limit to the IAccount.validateTransaction call

Lines of code Vulnerability details Impact As mentioned in the competition details: *Important, while the bootloader is out of scope, we may reward an additional bounty for valid bugs found in it by our judgement! As mentioned in the dev document,...

7.1AI Score

2023-03-19 12:00 AM
4
code423n4
code423n4

An attacker can manipulate the call stack of the transaction to impersonate another address and set a different value for the origin variable.

Lines of code Vulnerability details Impact By changing the transaction's call stack, an attacker can use the origin variable to pretend to be another address, as a result, the attacker can be able to enter the system without authorization and carry out evil deeds. Proof of Concept The...

6.8AI Score

2023-03-17 12:00 AM
5
code423n4
code423n4

Upgraded Q -> 3 from #197 [1678982150949]

Judge has assessed an item in Issue #197 as 3 risk. The relevant finding follows: [L-02] Instant reward calculation The text was updated successfully, but these errors were encountered: All...

7AI Score

2023-03-16 12:00 AM
2
code423n4
code423n4

Flawed calculation in getPoolReward leads to permanent loss of rewards

Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/main/contracts/staking/NeoTokyoStaker.sol#L1390 Vulnerability details In NeoTokyoStaker.getPoolReward, a users reward is calculated as follows: 1388: uint256 share = points * _PRECISION / pool.totalPoints * totalReward; 1390: ...

6.7AI Score

2023-03-15 12:00 AM
8
code423n4
code423n4

Malicious users can claim BYTES rewards after withdrawing all of their LP stake

Lines of code Vulnerability details Impact Users are able to continue claiming BYTES rewards indefinitely on their initials points after withdrawing all of their LP stake. Proof of Concept A user can withdraw all of their LP staked tokens in multiple steps with an amount < 1e16. If the amount is...

6.7AI Score

2023-03-15 12:00 AM
9
code423n4
code423n4

BYTES2.getReward: no check for input

Lines of code Vulnerability details Impact the function getReward should validate that _to is not an empty address (0x0) to prevent accidental loss of BYTES. Impact: mint reward BYTES to address(0) will be lost Proof of Concept function getReward ( address _to ) external { ...

6.9AI Score

2023-03-15 12:00 AM
6
code423n4
code423n4

Total reward is miscalculating

Lines of code Vulnerability details Impact In the getPoolReward the calcul of totalReward is wrong because the rewardRate is not updated. When block.timestamp is less or equal to windows.startTime the reward rate should equal to the current window rate not the previous one. Proof of Concept...

6.8AI Score

2023-03-15 12:00 AM
4
code423n4
code423n4

User Rewards will be lost in case of Withdraw

Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1584 https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1519...

6.8AI Score

2023-03-15 12:00 AM
2
code423n4
code423n4

User can claim high rewards than he eligible

Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1331 https://github.com/code-423n4/2023-03-neotokyo/blob/dfa5887062e47e2d0c801ef33062d44c09f6f36e/contracts/staking/NeoTokyoStaker.sol#L1342...

6.9AI Score

2023-03-15 12:00 AM
4
code423n4
code423n4

Attacker can abuse rounding down to get reward without depositing anything in LP pool

Lines of code Vulnerability details Impact In function _withdrawLP(), it calculates the amount of points from the amount input parameter. unchecked { uint256 points = amount * 100 / 1e18 * lpPosition.multiplier / _DIVISOR; // Update the caller's LP token stake. lpPosition.amount -=...

6.7AI Score

2023-03-15 12:00 AM
3
code423n4
code423n4

Staker can withdraw a staked LP token amount that is small enough to ensure that lpPosition.points does not change when calling NeoTokyoStaker._withdrawLP function and cause extra reward shares, which the staker is not entitled to, to be minted to the staker when calling lpPosition.getPoolReward function later

Lines of code https://github.com/code-423n4/2023-03-neotokyo/blob/main/contracts/staking/NeoTokyoStaker.sol#L1264-L1396 Vulnerability details Impact When withdrawing the staked LP tokens, the staker can divide the total staked token amount into smaller amounts and call the NeoTokyoStaker.withdraw.....

6.5AI Score

2023-03-15 12:00 AM
6
code423n4
code423n4

Infinite mint via points underflow (in scope)

Lines of code Vulnerability details Impact Due to unchecked math in the _withdrawLP() function, a user can trigger an underflow in their points and infinitely increase their rewards. The problem exists in several places. Problem 1. The configureTimelockOptions() function allows setting...

6.9AI Score

2023-03-15 12:00 AM
7
Total number of security vulnerabilities8397