31 matches found
The first stake is possible after endTime
Lines of code Vulnerability details Impact Users can stake after endTime due to the wrong check. Proof of Concept When a user stakes LP tokens using MuteAmplifier.stake, stake is not allowed after endTime which is set in initializeDeposit by an admin. requireblock.timestamp endTime,...
Mitigation Confirmed for Mitigation of H-06 Issue mitigated
C4 issue H-06: MinipoolManager: node operator can avoid being slashed Comments In the original implementation, there were a few scenarios where malicious node operators can avoid being slashed. Mitigation PR 41 This PR includes mitigation for various issues H-03, H-06, M-13. Just focusing on the...
mintReceipt could mint receipt after endtime.
Lines of code Vulnerability details Impact mintReceipt could mint receipt after endtime. If owner execute withdrawRemainingTokens user’s receipt that mint after endtime can’t claim. Proof of Concept function withdrawRemainingTokensaddress to public override onlyOwner...
_locateCurrentAmount function, there is an unchecked block which skips underflow checks as startTime <= block.timestamp < endTime
Lines of code Vulnerability details Impact In the locateCurrentAmount function, there is an unchecked block which skips underflow checks as startTime = block.timestamp endTime, but if the condition is not upheld, the duration, elapsed, and remaining variables will underflow and can cause unexpect...
Not possible to finish LPDA after endTime
Lines of code Vulnerability details Vulnerability details The only way to finish the sale is when newId == temp.finalId, making not possible to finish LPDA even if the endTime is already over POC There isn't any function to finalize the LPDA sale even if already finished the sale, the only way to...
CVE-2022-43546
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...
CVE-2022-43546
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...
PT-2022-5904 · Siemens · Sicam P855 +2
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions prior to V2.50 SICAM P850 versions prior to V3.10 SICAM P855 versions prior to V3.10 Description: The issue is related to errors in processing input data, specifically with the EndType parameter in the web...
CVE-2018-3895
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily...
CVE-2018-3895
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily...
PT-2018-16288 · Samsung · Samsung Smartthings Hub
Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17 Description: A buffer overflow issue exists in the HTTP server of the Samsung SmartThings Hub, specifically in the /cameras/XXXX/clips handler. The strncpy function overflows a...