Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Code423n4
Code423n4added 2023/12/12 12:0 a.m.2 views

Contracts are vulnerable to fee-on-transfer accounting-related issues

Lines of code 359, 448, 509, 530, 42, 797, 162 Vulnerability details The functions below transfer funds from the caller to the receiver via transferFrom, but do not ensure that the actual number of tokens received is the same as the input amount to the transfer. If the token is a fee-on-transfer...

6.9AI score
Exploits0
CNNVD
CNNVDadded 2023/12/09 12:0 a.m.3 views

OpenZeppelin Security Vulnerability

OpenZeppelin is a software application. A standard for secure blockchain applications. OpenZeppelin Contracts suffers from a security vulnerability that stems from subjecting users to unintentional duplicate operations, such as asset transfers...

7.5CVSS6.7AI score0.00492EPSS
Exploits0References3
Veracode
Veracodeadded 2021/08/30 3:25 a.m.18 views

Privilege Escalation

@openzeppelin/contracts is vulnerable to privilege escalation. The vulnerability exists due to the lack of sanitization of roles in the TimelockController function which allowed an actor with executor role to escalate privileges...

10CVSS4.5AI score0.00443EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder