Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 mm: hugetlb: fix incorrect fallback for subpool fixed an underflow error for...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.16 views

Wrong Accruing executed in VaultBooster.sol

Lines of code Vulnerability details Impact Accounting error in accruing at VaultBooster.sol will cause unexpected problems in VaultBooster.sol contract. Proof of Concept The accrue function of VaultBooster.sol at : does not check whether the return variable of computeAvailabletokenOut i.e.,...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.9 views

IF FEE ON TRANSFER TOKEN CONFIGURED AS THE VOTING TOKEN FOR THE VAULT, IT COULD INTRODUCE ACCOUNTING ERROR FOR VOTE COUNT

Lines of code Vulnerability details Impact The NFTBoostVault.lockTokens function is used to transfer the ERC20 voting token of the vault and the ERC1155 NFT to the NFTBoostVault contract after accounting for their respective votes. The issue here is that a fee-on-transfer token could get selected...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.19 views

_totalWithdrawn VALUE DOES NOT INCLUDE THE _fee AMOUNT THUS INTRODUCING ACCOUNTING ERROR

Lines of code Vulnerability details Impact In the PrizePool.ClaimPrize function is used to claim the rewards of the verified winner. Here when sending the Prize amount to the winner a fee amount is deducted from it as shown below: uint256 amount = tierLiquidity.prizeSize - fee; And this amount is...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/08/15 12:0 a.m.10 views

Unsafe casting from int128 can cause wrong accounting of locked amounts

Lines of code Vulnerability details Impact The unsafe casting to int128 variable can cause its value to be different from the correct value. For example in the createLock function, the addition to the locked amount variable is done by locked.amount += int128int256value. In that case, if value is...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.6 views

ConvexStakingWrapper._calcRewardIntegral() Has An Accounting Error When Updating reward.remaining

Lines of code Vulnerability details Impact The ConvexStakingWrapper.sol implementation makes several modifications to the original design. One of the key changes is the way rewards are distributed to stakers. A new ConcurRewardPool.sol contract is used to store rewards, allowing users to claim...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.10 views

ConcentratedLiquidityPool: incorrect feeGrowthGlobal accounting when crossing ticks

Handle hickuphh3 Vulnerability details Impact Swap fees are taken from the output. Hence, if swapping token0 for token1 zeroForOne is true, then fees are taken in token1. We see this to be the case in the initialization of feeGrowthGlobal in the swap cache feeGrowthGlobal = zeroForOne ?...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/09/15 12:0 a.m.12 views

Issue in balance update in setCap

Handle 0xsanson Vulnerability details Impact During Controller.setCap we change vaultDetailsvault.balance to vaultDetailsvault.balance.subbalance. This is wrong, and the correct value should be vaultDetailsvault.balance.subdiff, because diff is the value withdrawn from the strategy. High risk...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/08/18 12:0 a.m.36 views

Mozilla Firefox 3.6 < 3.6.20 Multiple Vulnerabilities

Binary data 801343.prm...

10CVSS9.8AI score0.05556EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2011/08/18 12:0 a.m.28 views

Firefox 3.6 < 3.6.20 Multiple Vulnerabilities

The installed version of Firefox 3.6 is earlier than 3.6.20. As such, it is potentially affected by the following security issues : - A dangling pointer vulnerability exists in an SVG text manipulation routine. CVE-2011-0084 - A DOM accounting error exists in the 'appendChild' JavaScript function...

10CVSS7.3AI score0.05556EPSS
Exploits5References10
Rows per page
Query Builder