Lucene search
+L

18 matches found

Github Security Blog
Github Security Blog
added 2026/03/30 5:51 p.m.8 views

AVideo Vulnerable to Wallet Balance Double-Spend via TOCTOU Race Condition in transferBalance

Summary The transferBalance method in plugin/YPTWallet/YPTWallet.php contains a Time-of-Check-Time-of-Use TOCTOU race condition. The method reads the sender's wallet balance, checks sufficiency in PHP, then writes the new balance — all without database transactions or row-level locking. An attack...

5.3CVSS6AI score0.00228EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/07 4:16 a.m.1 views

MAL-2025-47973 Malicious code in ballance-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d2685c68a4c8516f69c39001102234d71d9fdb43a4c2b23ae83242808d9c3b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.8 views

In batchRefund, adding a check for sufficient balance before attempting refunds could prevent potential failures.

Lines of code Vulnerability details M2 - In batchRefund, adding a check for sufficient balance before attempting refunds could prevent potential failures. poc: solidity function batchRefund external returns requireaddressthis.balance = totalRefundAmount, "Insufficient balance for refunds"; Assess...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.13 views

A malicious contributor can increase voting power maliciously and eventually steal funds!

Lines of code Vulnerability details Impact Unlimited voting power for attacker and stealing of funds ! Proof of Concept All of the contribute functions uses msg.value to calculate the votingpower . For example , contribute function looks like this : function contribute uint256 tokenId, address...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.10 views

No token whitelist leaves rageQuit() vulnerable to malicious ERC20 token contracts

Lines of code Vulnerability details A malicious actor can exploit the PartyGovernanceNFT.sol::rageQuit function by specifying a malicious IERC20 contract in the withdrawTokens array. The malicious contract could "donate" tokens to the proxy contract to pass the balance check here and when the...

7.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.10 views

Function _execBuyNftFromMarket() Fails to Check the Actual ETH Balance in the Contract After Executing the Trade

Lines of code Vulnerability details Impact In the function execBuyNftFromMarket, if the user chooses to use WETH, the function deposits ETH and approves the amount of WETH to the marketplace. After executing the trade at the marketplace, the function checks that the balance decrease is correct in...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.10 views

upgradeBytes() functon doesn't allows user to upgrade their entire bytes1 token to bytes2 token

Lines of code Vulnerability details Impact The users can't upgrade all of its bytes1 token to bytes due to logic error in upgradeBytes functon. The user can only upgrade the token if he choose the less amount then what they already have. They cannot upgrade all tokens. Proof of Concept The...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.9 views

## Mathematical Modelling Cause a Significant Roundoff Error

Lines of code Vulnerability details Mathematical Modelling Cause a Significant Roundoff Error Function drippedAmt calculates the ended cycles. when calculating ended cycles it takes two divisions which cause round off error. Let's consider this scenario. Deposited token - WBTC amtPerSec = 1000000...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/20 12:0 a.m.7 views

early user can call issue() and then melt() to increase basketsNeeded to supply ratio to its maximum value and then melt() won't work and contract contract features like issue() won't work

Lines of code Vulnerability details Impact Function melt melt a quantity of RToken from the caller's account, increasing the basket rate. basket rate should be between 1e9 and 1e27 and function requireValidBUExchangeRate checks that if it's not in interval the the code would revert. the call to...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/09 12:0 a.m.34 views

Mssing Crucial Checks When Unlocking funds for Withdraw Requests from L2

Lines of code Vulnerability details Impact Atomicity literally does not exist when users from L2 initiate a withdrawal by burning funds on the contract and sending the message to L1. This is giving malicious attackers plenty of time to stealthily launch a series of small and yet sizable forgery o...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/21 12:0 a.m.8 views

Transferring any amount of the underlying token to the CNote contract will make the contract functions unusable

Lines of code Vulnerability details Impact The contract expects the balance of the underlying token to == 0 at all points when calling the contract functions by requiring getCashPrior == 0, which checks token.balanceOfaddressthis where token is the underlying asset. An attacker can transfer any...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/25 12:0 a.m.7 views

DDOS in BalLiquidityProvider

Lines of code Vulnerability details Impact DDOS to liquidity providers in BalLiquidityProvider Proof of Concept bal is equal to the contract’s balance of the asset bal is required to be equal to the input parameter request.maxAmountsIni : An attacker can front-run liquidity providers by sending 1...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/03/30 12:0 a.m.16 views

Improper Token Balance Check on swap()

Lines of code Vulnerability details Improper Token Balance Check on swap Description The swap can be separated in 2 paths, swap native to ERC20, or swap ERC20 to native. The contract performs a fromAssetId balance check before calling swap, mean that the attacker could periodically check for ERC2...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/01 12:0 a.m.9 views

flan can't be transferred unless the flan contract has flan balance greater than the amount we want to transfer

Handle CertoraInc Vulnerability details Flan.sol safeTransfer function The flan contract must have balance and must have more flan then we want to transfer in order to allow flan transfers. If it doesn't have any balance, the safeTransfer, which is the only way to transfer flan, will call transfe...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.7 views

NFTXMarketplaceZap: Balance check can result in DOS

Handle GreyArt Vulnerability details Impact The mint721 and mint1155 functions check that the correct number of vault tokens have been minted, after accounting for mint fees. uint256 balance = count BASE - INFTXVaultvault.mintFeecount; requirebalance == IERC20Upgradeablevault.balanceOfaddressthis...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.9 views

NFTXStakingZap: Balance check can result in griefing

Handle GreyArt Vulnerability details Impact The addLiquidity721WETH and addLiquidity1155WETH functions check that the correct number of vault tokens have been minted prior to liquidity provision. uint256 balance = count BASE; // We should not be experiencing fees. requirebalance ==...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.9 views

Overflow in the mint function of IndexPool causes LPs' funds to be stolen

Handle broccoli Vulnerability details Impact It is possible to overflow the addition in the balance check i.e., balancetokenIn = amountIn + reserve in the mint function by setting the amountIn to a large amount. As a result, the attacker could gain a large number of LP tokens by not even providin...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/05/26 12:0 a.m.6 views

ERC20ConvictionScore.acquireConviction implements wrong governance checks

Handle cmichel Vulnerability details Vulnerability Details There are two issues with the governance checks when acquiring them from an NFT: Missing balance check The governance checks in updateConvictionScore are: !isGovernanceuser && userConvictionScore = governanceThreshold && balanceOfuser =...

6.7AI score
Exploits0
Rows per page
Query Builder