Lucene search
K

14 matches found

Packet Storm News
Packet Storm News
added 2025/06/04 12:0 a.m.5 views

Design, Implementation, and Analysis of Fair Faucets for Blockchain Ecosystems

The present dissertation addresses the problem of fairly distributing shared resources in non-commercial blockchain networks. Blockchains are distributed systems that order and timestamp records of a given network of users, in a public, cryptographically secure, and consensual way. The records,...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/01 12:0 a.m.7 views

Autoregressive Images Watermarking through Lexical Biasing: an Approach Resistant to Regeneration Attack

Autoregressive AR image generation models have gained increasing attention for their breakthroughs in synthesis quality, highlighting the need for robust watermarking to prevent misuse. However, existing in-generation watermarking techniques are primarily designed for diffusion models, where...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.9 views

Attacker can take over and hijack any and every asset of a party initialized with the governance value distributionsRequireVote set to false, through the utilization of a flash loan.

Lines of code Vulnerability details Pre-requisite knowledge & an overview of the features in question 1. The distributionsRequireVote flag: The distributionsRequireVote flag is a governance value flag set to false by default in the governance values. It determines whether or not a party member ca...

7.5AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.5 views

Missing of the distribution state updating

Lines of code Vulnerability details Impact The getEffectiveDistributionSpeed can return incorrect information. It can return distributionSpeed but the accrueTokens function will increase tokenAmountAccruedtoken only for the difference between token.balanceOfaddressthis and tokenAmountAccruedtoken...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.20 views

User can call getReward multiple times causing 51% attack

Lines of code Vulnerability details Impact The Neo Tokyo staking program operates as follows: The staker is a competitive system where stakers compete for a fixed emission rate in each of the S1 Citizen, S2 Citizen, and LP token staking pools. Stakers "may" choose to lock their assets for some...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.20 views

Integer Overflow

Lines of code Vulnerability details Impact The owner of the ActivePool contract can set yield distribution parameters that do not add to the expected 10000 BPS. This would cause the rebalance function to send the incorrect number of tokens when using the splits. Proof of Concept Calling...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.8 views

Multiple combinations of token0/token1 for a given liquidity exist to satisfies the custom variant of AMM pool. A naive LP or Power token holder can transfer more token0/token1 then necessary when minting & burning respectively

Lines of code Vulnerability details Impact LP's need to provide a combination of token0 / token 1 for a given liquidity that satisfied a custom variant that satisfies 2 conditions 1. scale1 = c + d where a, b, c, d are functions of token0/ token1 , liquidity and upper bound The relationship betwe...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.3 views

Unreleased locks cause the reward distribution to be flawed in BondNFT

Lines of code Vulnerability details Impact After a lock has expired, it doesn't get any rewards distributed to it. But, unreleased locks cause other existing bonds to not receive the full amount of tokens either. The issue is that as long as the bond is not released, the totalShares value isn't...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/07/08 12:0 a.m.13 views

Distribution of reserved tokens may run out of gas

Lines of code Vulnerability details Impact If there are enough entries in the splits array, the function that distributes the reserved tokens will run out of gas, and the reserved tokens will be un-distributable until the current cycle is over, and the splits are changed. If cycles are long, the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.7 views

Owner can takeover funds meant for distribution

Lines of code Vulnerability details Impact By calling sweep function at correct moment, Owner can transfer more than required tokenOut token which were meant to be distributed to users. Proof of Concept 1. Observe the sweep function function sweepaddress token external gacPausable nonReentrant...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/02 12:0 a.m.7 views

Precision loss

Lines of code Vulnerability details Impact In line 729 of HolyPaladinToken.sol a huge precision loss occurs if dropDecreaseDuration is not a multiple of MONTH. In its current implementation dropDecreaseDuration / MONTH will get rounded down, which means that dropDecreaseDuration of 1 month and 29...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/21 12:0 a.m.8 views

NFTXSimpleFeeDistributor#distribute() Wrong implementation of NFTXSimpleFeeDistributor#_sendForReceiver can potentially cause receivers to get wrong amounts of tokens

Handle WatchPug Vulnerability details function sendForReceiverFeeReceiver memory receiver, uint256 vaultId, address vault, uint256 amountToSend internal virtual returns bool if receiver.isContract IERC20Upgradeablevault.approvereceiver.receiver, amountToSend; // If the receive is not properly...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/11/12 12:0 a.m.10 views

TributeAccrual.availableTribute() & TributeAccrual.availableGovernanceTribute() Distributes Tributes Unfairly

Handle leastwood Vulnerability details Impact Conviction scores are calculating by taking the user's balance and multiplying it by the time elapsed. This score is updated upon each token transfer, or alternatively by directly calling ERC20ConvictionScore.updateConvictionScore. The availableTribut...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2016/07/18 3:22 a.m.13 views

That's A Clever Hack! How anyone could make Money from Google and Microsoft

Smart hackers could exploit a loophole that could allow them to steal a significant amount of cash from Google, Microsoft and Instagram using a Premium rate phone number. Security researcher Arne Swinnen from Belgium has discovered an ingenious way to steal money from big tech companies like...

6.9AI score
Exploits0
Rows per page
Query Builder