30 matches found
EUVD-2009-2373
Malware in sbrugna...
EUVD-2007-3444
Malware in sbrugna...
Slashed amount may not be cover the staker reward payout
Lines of code Vulnerability details Impact Slashed amount may not be cover the staker reward payout Proof of Concept In the current fix, If the staked balance cannot cover the slashed amount, seize the staked balance. Staking staking = StakinggetContractAddress"Staking"; if staking.getGGPStakeown...
Mitigation Confirmed for Mitigation of H-06 Issue mitigated
C4 issue H-06: MinipoolManager: node operator can avoid being slashed Comments In the original implementation, there were a few scenarios where malicious node operators can avoid being slashed. Mitigation PR 41 This PR includes mitigation for various issues H-03, H-06, M-13. Just focusing on the...
Deficiency of slashed GGP amount should be made up from node operator's AVAX
Lines of code Vulnerability details Impact If staked GGP doesn't cover slash amount, slashing it all will not be fair to the liquid stakers. Slashing is rare, and that the current 14 day validation cycle which is typically 1/26 of the minimum amount of GGP staked is unlikely to bump into this...
Upgraded Q -> 2 from #653 [1675442664703]
Judge has assessed an item in Issue 653 as 2 risk. The relevant finding follows: 1. Funds are locked if Rialto use function finishFailedMinipoolByMultisig Detail Function finishFailedMinipoolByMultisig did not transfer any funds or doing any data change, only updating state of minipool to Finishe...
MinipoolManager: node operator can avoid being slashed
Lines of code Vulnerability details Impact When staking is done, a Rialto multisig calls MinipoolManager.recordStakingEnd . If the avaxTotalRewardAmt has the value zero, the MinipoolManager will slash the node operator's GGP. The issue is that the amount to slash can be greater than the GGP balan...
Possible to block withdrawal of staked funds after recordStakingEnd or stakingError
Lines of code Vulnerability details Impact Node operators can lose their staked AVAX after stakingEnd or stakingError. Funds will be locked in the Staking contract, but impossible to withdraw. A bad actor does need to supply 1000 AVAX which he gets back and has not have real incentive to do it, b...
Malicious user can use previously used nodeID to prevent user(s) from withdrawing minipool funds
Lines of code Vulnerability details In createMinipool, an event is emitted with details of a newly created minipool. This includes relevant information that a subsequent user can utilise to create another minipool.The only condition that prevents a minipool from being created again with the same...
Malicious code in avax-js-cli-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20bcbb8282cba23d9c896b37231cedc6bae3b5042eff2693e1ee677525401345 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1184 Malicious code in avax-js-cli-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20bcbb8282cba23d9c896b37231cedc6bae3b5042eff2693e1ee677525401345 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Failed transfer with low level call could be overlooked
Handle harleythedog Vulnerability details Impact In LaunchEvent.sol, the function safeTransferAVAX is as follows: function safeTransferAVAXaddress to, uint256 value internal bool success, = to.callvalue: valuenew bytes0; requiresuccess, "LaunchEvent: avax transfer failed"; This function is utiliz...
Wrong token allocation computation for token decimals != 18 if floor price not reached
Handle cmichel Vulnerability details In LaunchEvent.createPair, when the floor price is not reached floorPrice wavaxReserve 1e18 / tokenAllocated, the tokens to be sent to the pool are lowered to match the raised WAVAX at the floor price. Note that the floorPrice is supposed to have a precision o...
MATIC/AVAX and AVAX/MATIC pools
Handle 0x0x0x Vulnerability details The MATIC/AVAX and AVAX/MATIC pools are close to being undercollateralized. Don't fall for the high APR Psyops, always check the collateralization before lending into a pool, otherwise borrowers will default and you will loose your asset --- The text was update...
Avaxswf.dll 1.0.0.1 from Avax Vector ActiveX Arbitrary Data Write
No description provided by source. :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write ============================================================================ Internal ID: VULWAR20070626...
Avax Vector 1.3 'avPreview.ocx' ActiveX Control Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35583/info Avax Vector is prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of an application that uses the ActiveX control typically Internet...
CVE-2009-2377
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service application crash via a long PrinterName property...
Buffer overflow
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service application crash via a long PrinterName property...
CVE-2009-2377
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service application crash via a long PrinterName property...
CVE-2009-2377
The CVE-2009-2377 entry concerns the AVAX-software Avax Vector ActiveX 1.3 with the ActiveX control avPreview.ocx. A buffer overflow can be triggered in the PrinterName property, allowing remote attackers to cause a denial of service (application crash). Affected component: Avax Vector ActiveX 1....