764 matches found
EUVD-2018-11508
Malware in sbrugna...
EUVD-2018-8889
Malware in sbrugna...
EUVD-2018-3024
Malware in sbrugna...
EUVD-2021-20109
Malware in sbrugna...
EUVD-2018-2373
Malware in sbrugna...
CVE-2021-34270
An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses...
Malicious code in erc20-faucet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1318f067a3c4a722bc3d70af3c94d47696dc695c07dafc5cac772db0e1b20fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1519 Malicious code in erc20-faucet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1318f067a3c4a722bc3d70af3c94d47696dc695c07dafc5cac772db0e1b20fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
cauuu (>=0.1.0 <=0.1.1), cosmwasm-simulate (>=0.13.2 <=0.13.6) +10 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=0.9.4)
cosmwasm-vm CARGO version =0.10.1, =0.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 - terraswap =1.0.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0366...
Malicious code in erc20-scanner (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-5112 Malicious code in erc20-scanner (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control C2 framework within a PNG image of the project's logo. The package employing this...
Malicious code in erc20-testenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ba12fa784008a111d1c5f54bbb19cf4807564ce4e06434d4a10eae96767350a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1002 Malicious code in erc20-testenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ba12fa784008a111d1c5f54bbb19cf4807564ce4e06434d4a10eae96767350a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
L1 TO L2 ERC20 TOKEN TRANSFER CAN BE DoS IN THE FxERC20ChildTunnel CONTRACT SINCE A MALICIOUS USER CAN SET THE fxRootTunnel ADDRESS TO AN INVALID ADDRESS
Lines of code Vulnerability details Impact The FxERC20ChildTunnel is a smart contract which is used for the L2 token management. The FxERC20ChildTunnel contract inherits from the FxBaseChildTunnel contract. The FxBaseChildTunnel contract has the validateSender modifier which requires the sender o...
Upgraded Q -> 2 from #549 [1704652745528]
Judge has assessed an item in Issue 549 as 2 risk. The relevant finding follows: L-02 The first piece created can pass quorumVotes without any votes if totalSupply of ERC20 votes is zero --- The text was updated successfully, but these errors were encountered: All reactions...
Delegation to address(0) causes permanent loss of voting power
Lines of code Vulnerability details Impact As stated in the comment on line 12 of NontransferableERC20Votes.sol, delegation of vote power can be done through the delegate function or by providing a signature to be used with delegateBySig. However, these functions do not prevent users from...
In some pools, borrowers can maliciously prevent liquidatePosition()
Lines of code Vulnerability details Vulnerability details in liquidatePosition At the end of the liquidation, the liquidation fee will be transferred to the liquidator. function liquidatePosition DataStruct.ClosePositionParams calldata params, address borrower external override nonReentrant...
Zero amount token transfers may cause a denial of service during liquidations
Lines of code Vulnerability details Summary Some ERC20 implementations revert on zero value transfers. Since liquidation rewards are based on a fraction of the available position's premiums, this may cause an accidental denial of service that prevents the successful execution of liquidations...
Decimals of LendingPool don't take into account the offset introduced by VIRTUAL_SHARES
Lines of code Vulnerability details Impact The impact of this finding is more on the marketing/data fetching side, on exchanges it would appear that the shares are worth less VIRTUALSHARES than the underlying token. Given that it would influence the perception of the value of the shares token,...