Lucene search
K

116 matches found

The Hacker News
The Hacker News
added 2023/12/15 1:1 p.m.14 views

Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft

Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishi...

8AI score
Exploits0
Code423n4
Code423n4
added 2023/12/12 12:0 a.m.44 views

Unsafe usage of msg.value in a loop

Lines of code 140 Vulnerability details The value of msg.value in a transaction's call never gets updated, even if the called contract ends up sending some or all of the Eth to another contract. This means that using msg.value in a for- or while-loop, without extra accounting logic, will either...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.7 views

Vulnerability in swapGivenInputAmount Function that could Leads to Unintended Token Draining

Lines of code Vulnerability details Impact The vulnerability discovered in the swapGivenInputAmount function has the potential to cause unintended token draining in the smart contract. Due to an incorrect check for a negative result in the code requireresult 0;, the function may allow swaps to...

6.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/07/25 6:24 p.m.20 views

CVE-2023-35942 Envoy's gRPC access log crash caused by the listener draining

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a use-after-free crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9,...

6.5CVSS6.7AI score0.00735EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/25 6:24 p.m.15 views

CVE-2023-35942 Envoy's gRPC access log crash caused by the listener draining

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a use-after-free crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9,...

6.5CVSS8AI score0.00735EPSS
Exploits1References1
Code423n4
Code423n4
added 2023/07/21 12:0 a.m.9 views

Attacker can create additional canonical token bridge

Lines of code Vulnerability details Impact Deployers of custom TokenManagers can subvert the limitation imposed in the documentation that allows only one Canonical Bridges for each existing ERC20 token: “deployers can deploy a Canonical Bridge for any token they want, this can be done only once p...

7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/05/25 1:59 a.m.4 views

SUSE CVE-2023-33297

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service e.g., CPU consumption because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023...

7.5CVSS6.7AI score0.014EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2023/05/22 12:0 a.m.6 views

VulnCheck KEV: CVE-2023-33297

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service e.g., CPU consumption because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023...

7.5CVSS7.1AI score0.014EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.10 views

Misconfiguration of LP token contract

Lines of code Vulnerability details Impact If the LP token contract is set to a non-contract address or a no-revert-on-transfer token, users will be able to: 1. Mint huge amounts of BYTES 2.0 tokens. 2. Drain the contract of all its LP tokens. Vulnerability Details Throughout the contract, it is...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/30 12:0 a.m.17 views

Drips.sol: drips can be squeezed from before drips.updateTime which allows to drain ALL funds from the protocol

Lines of code Vulnerability details Impact The Drips.squeezeDrips function allows to receive drips from the currently running cycle from a single lender. Drips are configured via the Drips.setDrips function . A Drip can be configured to start at any time. The protocol caps the start time at the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/01/30 12:0 a.m.10 views

withdrawFee() can be called indefinitely

Lines of code Vulnerability details The function withdrawFee does not account whether the fees have already been collected or not, therefore it can be called multiple times or even indefinitely, until the contract balance reaches zero. All funds will be transferred to the protocolFeeRecipient, bu...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/20 12:0 a.m.18 views

A staker might drain the stRST contract slowly

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The stake function relies on the payoutRewards function to calculate stakeRate, which has a round-up error. Then, stateRate is also used to calculate stakeAmount, which also has a round-up error. As a...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/10 1:0 p.m.18 views

Polite WiFi loophole could allow attackers to drain device batteries

Researchers at the University of Waterloo in Ontario have further researched a loophole in the WiFi protocol that was dubbed "polite WiFi". Last year the researchers published a study in which they showed someone could use this loophole to triangulate the location of any WiFi enabled device. Now,...

1.4AI score
Exploits0
Code423n4
Code423n4
added 2022/12/08 12:0 a.m.8 views

Actor can send an arbitrary token when adding liquidity

Lines of code Vulnerability details Impact Anyone can call addLiquidity directly and can input tokenId, params and data. The data inputs are never checked, so the user can send anything in there. Since the erc20 tokens routed are defined in the data parameter, user could send any token. Since the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.11 views

Draining baseToken from contract by calling finalize function multiple times

Lines of code Vulnerability details Impact Draining baseToken from SizeSealed contract by calling finalize function multiple times Proof of Concept The finalize function can be called multiple times by providing clearingQuote to typeuint128.max. Currently inside finalize function there is no chec...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.8 views

[PNM-001] finalize with malicious input may allow multiple calls leading to fund draining

Lines of code Vulnerability details Description The finalize function of the contract SizeSealed is used to finalize an auction, allowing the auctioner or seller to be paid quote tokens and also eventually allowing successful bidders to withdraw base tokens. Once the finalize function is called,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/29 12:0 a.m.11 views

Reentrancy vulnerabilities

Lines of code Vulnerability details Impact A reentrancy attack can occur when the contract fails to update its state before the interaction, the attacker can make a recursive call back to the original function in an attempt to drain funds or token. Proof of Concept Contract Fed.sol. Function...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/08 12:0 a.m.10 views

getUnderlyingPrice returns an incorrect value for cUSDC

Lines of code Vulnerability details BaseV1Router01.getUnderlyingPricecToken returns the price of cToken in $NOTE. As per the docs, the function is designed so that cStable coins USDC, USDT, NOTE have prices that are statically set to 1e18. The issue is that USDC uses 6 decimal places of precision...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/08 12:0 a.m.9 views

# WRONG DESIGN/IMPLEMENTATION OF ADDLIQUIDITY() ALLOWS ATTACKER TO STEAL FUNDS FROM THE LIQUIDITY POOL

Lines of code Vulnerability details The current design/implementation of Vader pool allows users to addLiquidity using arbitrary amounts instead of a fixed ratio of amounts in comparison to Uni v2. We believe this design is flawed and it essentially allows anyone to manipulate the price of the po...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/07/14 12:0 a.m.6 views

cash share amount calculated incorrectly

Lines of code Vulnerability details Impact When a buyout is successful, token owners can cash out their fractional tokens for ETH. The amount of ETH cashed out buyoutShare is calculated like this L268: uint256 buyoutShare = tokenBalance ethBalance / totalSupply + tokenBalance; with tokenBalance t...

6.8AI score
Exploits0
Rows per page
Query Builder