Lucene search
K

31 matches found

Code423n4
Code423n4
added 2023/04/03 12:0 a.m.14 views

The first stake is possible after endTime

Lines of code Vulnerability details Impact Users can stake after endTime due to the wrong check. Proof of Concept When a user stakes LP tokens using MuteAmplifier.stake, stake is not allowed after endTime which is set in initializeDeposit by an admin. requireblock.timestamp endTime,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/14 12:0 a.m.10 views

Mitigation Confirmed for Mitigation of H-06 Issue mitigated

C4 issue H-06: MinipoolManager: node operator can avoid being slashed Comments In the original implementation, there were a few scenarios where malicious node operators can avoid being slashed. Mitigation PR 41 This PR includes mitigation for various issues H-03, H-06, M-13. Just focusing on the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/30 12:0 a.m.7 views

mintReceipt could mint receipt after endtime.

Lines of code Vulnerability details Impact mintReceipt could mint receipt after endtime. If owner execute withdrawRemainingTokens user’s receipt that mint after endtime can’t claim. Proof of Concept function withdrawRemainingTokensaddress to public override onlyOwner...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/01/23 12:0 a.m.11 views

_locateCurrentAmount function, there is an unchecked block which skips underflow checks as startTime <= block.timestamp < endTime

Lines of code Vulnerability details Impact In the locateCurrentAmount function, there is an unchecked block which skips underflow checks as startTime = block.timestamp endTime, but if the condition is not upheld, the duration, elapsed, and remaining variables will underflow and can cause unexpect...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/09 12:0 a.m.9 views

Not possible to finish LPDA after endTime

Lines of code Vulnerability details Vulnerability details The only way to finish the sale is when newId == temp.finalId, making not possible to finish LPDA even if the endTime is already over POC There isn't any function to finalize the LPDA sale even if already finished the sale, the only way to...

6.8AI score
Exploits0
OSV
OSV
added 2022/11/08 11:15 a.m.3 views

CVE-2022-43546

A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...

8.8CVSS6.1AI score0.01504EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/11/08 11:15 a.m.4 views

CVE-2022-43546

A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...

9.9CVSS6.1AI score0.01504EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.4 views

PT-2022-5904 · Siemens · Sicam P855 +2

Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions prior to V2.50 SICAM P850 versions prior to V3.10 SICAM P855 versions prior to V3.10 Description: The issue is related to errors in processing input data, specifically with the EndType parameter in the web...

9.9CVSS9AI score0.01504EPSS
Exploits0References7
OSV
OSV
added 2018/08/28 7:29 p.m.5 views

CVE-2018-3895

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily...

8.8CVSS6.1AI score0.01804EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/08/28 7:0 p.m.21 views

CVE-2018-3895

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily...

9.9CVSS8.9AI score0.01804EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2018/08/28 12:0 a.m.6 views

PT-2018-16288 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17 Description: A buffer overflow issue exists in the HTTP server of the Samsung SmartThings Hub, specifically in the /cameras/XXXX/clips handler. The strncpy function overflows a...

9.9CVSS9.3AI score0.01804EPSS
Exploits2References3
Rows per page
Query Builder