
7 matches found

Code423n4
added 2023/07/05 12:0 a.m., 12 views

Incorrect Use of Equality Operator in addPartner and addVault Functions

Lines of code Vulnerability details Impact The addPartner and addVault functions in the PartnerManagerFactory contract are intended to add new partner managers and vaults respectively. These functions also assign a unique ID to each new partner manager and vault by storing them in the partnerIds...

AI score: 6.9
Exploits: 0

Code423n4
added 2023/04/28 12:0 a.m., 7 views

Malicious users can exploit NameEncoder vulnerability to forge arbitrary names

Lines of code Vulnerability details Impact A malicious user can spoof NameEncoder.dnsEncodeName by forging a name to impersonate any other name, which can lead to faulty contract logic or even theft of someone else's name. Proof of Concept The function NameEncoder.dnsEncodeName is used to convert...

AI score: 7.2
Exploits: 0

Code423n4
added 2023/03/19 12:0 a.m., 70 views

The call to MsgValueSimulator with non zero msg.value will call to sender itself which will bypass the onlySelf check

Lines of code Vulnerability details Impact First, I need to clarify, there may be more serious ways to exploit this issue. Due to the lack of time and documents, I cannot complete further exploit. The current exploit has only achieved the impact in the title. I will expand the possibility of...

AI score: 7
Exploits: 0

Code423n4
added 2023/02/03 12:0 a.m., 7 views

Upgraded Q -> 2 from #800 [1675429611496]

Judge has assessed an item in Issue 800 as 2 risk. The relevant finding follows: 1- recordStakingError function doesn't decrease the minipool avaxLiquidStakerAmt value : When the function recordStakingError is called by the multisig it decreases both the total AVAX staking amount and the AVAX...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/11/08 12:0 a.m., 10 views

Attacker can drain the SizeSealed.sol contract.

Lines of code Vulnerability details Impact An attacker can drain the SizeSealed.sol contract by creating fake auction and manipulating some contract logic. POC Assuming that the SizeSealed.sol initially contains 10000 DAI tokens, I’ll demonstrate how an attacker can steal these tokens. The bug i...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/09/01 12:0 a.m., 8 views

BondCallback Re-Entrancy vulnerability

Lines of code Vulnerability details Impact When withdraw reserves from TRSRY to msg.sender, it may go to other external uncontrollable contract logic if reserve token contract transferFrom function call to other contract, it will cause other market use this callback asset loss or this contract...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/08/06 12:0 a.m., 12 views

Add members to the not yet created community

Lines of code Vulnerability details Impact There is an addMember function in the Community. The function accepts data that should be signed by the community.owner and newMemberAddr. // Compute hash from bytes bytes32 hash = keccak256(data); // Decode params from data uint256 communityID, address...

AI score: 6.9
Exploits: 0