7 matches found
amountAvailableForStaking() not fully utilized with compoundedAvaxNodeOpAmt easily forfeited
Lines of code Vulnerability details Impact The mitigated step is implemented at the expense of economic loss to both the node operators and the liquid stakers if compoundedAvaxNodeOpAmt ggAVAX.amountAvailableForStaking after all due to situations like liquid stakers have been actively calling...
User cannot withdraw locked fund at all after unlock time has passed if delegated to someone else. Result in huge economics loss.
Lines of code Vulnerability details Impact User cannot withdraw locked fund at all after unlock time has passed if delegated to someone else. Result in huge economics loss as user can't get their underlying token delegated to back. In the document it is said that locks need to be undelegated firs...
veAsset are locked forever if users are periodically deposit new veAsset or calling lockVeAsset
Lines of code Vulnerability details Impact veAsset are locked forever if users are periodically deposit new veAsset or calling lockVeAsset. VeAssetDepositor also doesn't have mechanism to prevent new user from depositing or calling lockVeAsset. Which mean it will get called forever. As a result,...
Talking about the struts2 in the history of high-risk vulnerabilities-vulnerability warning-the black bar safety net
Apache Struts2 as the world's most popular Java Web framework of meaning, widely used in teaching, Finance, Internet, communications and other nervous industry. It's a high-risk flaws persecution can perhaps form a significant Internet Safe the dangers and huge economic loss. This article is...
ICBC Internet banking assistant and other security controls was traced to the presence of the“disaster-level”vulnerability-vulnerability warning-the black bar safety net
Recently, ICBC Internet banking assistant and other security controls was traced to the presence of the“disaster-level”vulnerability, the vulnerability can cause remote arbitrary code execution on the user computer, security caused great harm. Baidu security prompts the user as soon as possible o...
Heartland Data Breach Suit Back from the Dead
For all intents and purposes, the Heartland Payment Systems data breach saga ended more than two years ago when the embattled payment processor finalized settlements paying out millions of dollars to various banks, credit card issuers and consumers. That is until a handful of banks reportedly...
Conficker's estimated cost? $9.1 billion
From ZDNet Dancho Danchev In a recent blog post, the Cyber Secure Institute claims that based on their previous studies into the average cost of suck malware attacks, the economic loss due to the Conficker worm could be as high as $9.1 billion. Despite that their analysis also considered a much...