Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A code execution vulnerability exists in the Bento4 Ap4StsdAtom.cpp file, which stems from the failure of the AP4StsdAtom::AP4StsdAtom method of the Ap4StsdAtom.cpp file to correctly filter the special elements of the...

safeTransferFrom Does Not Check for Code at the Token Address

Lines of code Vulnerability details Impact The solady safeTransferFrom does not check for code at a token address before transferring. This can result in a deposit being made in a selfdestructed token or an embryonic token such as one that can be created from another chain's bridge without the us...

Upgraded Q -> M from 612 [1666359673078]

Judge has assessed an item in Issue 612 as Medium risk. The relevant finding follows: NC-01 Replace assembly chainid with Solidity's chainId Description Retrieving the current chain id via the Yul chainid expression can be replaced with the Solidity native call to chainId. Findings...