982 matches found
CVE-2022-41259
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor...
PT-2022-6134 · Sap · Sap Sql Anywhere
Name of the Vulnerable Software and Affected Versions: SAP SQL Anywhere version 17.0 Description: The issue is related to the lack of protection for the SQL query structure in SAP SQL Anywhere. An authenticated attacker can exploit this by crashing the server with specially crafted queries that u...
Prototype Pollution
unset-value is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the module.exports function in index.js and modify attributes such as proto, constructor, and prototype base objects...
initializer modifier on constructor function
Lines of code Vulnerability details Impact In L2StandardERC20.sol the initializer modifier is placed both on the constructor function and on the bridgeInitialize function. When the initializer modifier is used it cannot be called again on any function in the contract since it will revert with a...
reentrancyGuardInitializer modifier used on constructor and Initialize functions
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In L1ERC20Bridge.sol there are two places where the reentrancyGuardInitializer modifier is used. It's found on both the constructor function and also on the initialize function. This is a problem becaus...
Upgraded Q -> M from 612 [1666359673078]
Judge has assessed an item in Issue 612 as Medium risk. The relevant finding follows: NC-01 Replace assembly chainid with Solidity's chainId Description Retrieving the current chain id via the Yul chainid expression can be replaced with the Solidity native call to chainId. Findings...
CVE-2022-23770
This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal...
minimist: prototype pollution
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...
First depositor can break share minting
Lines of code Vulnerability details Impact Users will be unable to deposit their wished amount of tokens. Proof of Concept Similar to this ToB yearn audit, an attacker can mint a very small amount of shares and transfer a large amount of WETH to the contract, inflating the share price and making ...
rewarding is not started after StakingRewards contract deployment and there is no specific time set for contract start time of rewarding, users stacked their funds has no way knowing when is rewarding is going to be started
Lines of code Vulnerability details Impact after StakingRewards the constructor logic set value for rewardRate and rewardsDuration but rewarding is not started for stackers and users has no way to find out when is rewarding going to be started. only reward Distributer can start rewarding process...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
blockTimestampLast not initialised to block.timestamp results in wrong calculations for reservesCumulative and totalSupplyCumulative in _update() function
Lines of code Vulnerability details Impact Default value of blockTimestampLast is 0 and affects the calculations done in the first call of update. observations would store the wrong value and affect subsequent calculations of price when a sample size that includes this wrong observation is taken...
Unsafe downcast
Lines of code Vulnerability details Impact It's possible to generate silent overflows when downcasting. E.g. if the value if bigger than the type being cast, it will overflow starting from zero. Proof of concept For the Price.sol constructor, if observationFrequency is a small value and...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
GHSA-FWV4-6MXC-X5H3 morgan-json vulnerable to Arbitrary Code Execution
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor...
morgan-json vulnerable to Arbitrary Code Execution
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor...
Design/Logic Flaw
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor...
CVE-2022-25921 Arbitrary Code Execution
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor...
CVE-2022-25921
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor...