Lucene search
+L

4 matches found

hivepro
hivepro
added 2026/01/06 5:5 p.m.6 views

Cyber Risk Prioritization: A Practical Guide

For years, security teams have relied on static scores like CVSS to guide their patching efforts. While helpful, these scores only tell part of the story. They show a vulnerability's potential severity but lack the real-world context of what attackers are actually doing right now. A theoretical...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/06 12:0 a.m.19 views

Chainlink oracle will return the wrong price for asset if underlying aggregator hits minAnswer / max answer

Lines of code Vulnerability details Impact Chainlink oracle will return the wrong price for asset if underlying aggregator hits minAnswer / max answer and the deposit asset can be wrongly valued, leads to overborrowing Proof of Concept Chainlink aggregators have a built in circuit breaker if the...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2021/10/27 12:0 a.m.8 views

Historic data being requested as a part of MochiVault.withdraw and borrow functions can be outdated, so a user can avoid historic data update with sending old piece of _data

Handle hyh Vulnerability details Impact Asking to provide historic data proof doesn't imply that pricing is current, a malicious user can wait for market volatility and do deposit/borrow sequence with outdated price, borrowing more than current market value of supplied assets for example, suppose...

6.6AI score
Exploits0
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2019/11/06 9:10 p.m.71 views

Seven Security Strategies, Summarized

This is the sort of story that starts as a comment on Twitter, then becomes a blog post when I realize I can't fit all the ideas into one or two Tweets. You know how much I hate Tweet threads, and how I encourage everyone to capture deep thoughts in blog posts! In the interest of capturing the...

0.2AI score
Exploits0
Rows per page
Query Builder