CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Kitploit•added 2023/08/06 12:30 p.m.•43 views

AiCEF - An AI-assisted cyber exercise content generation framework using named entity recognition

AiCEF is a tool implementing the accompanying framework 1 in order to harness the intelligence that is available from online resources, as well as threat groups' activities, arsenal eg. MITRE, to create relevant and timely cybersecurity exercise content. This way, we abstract the events from the...

6.9AI score

Exploits0References6

Code423n4•added 2023/08/04 12:0 a.m.•8 views

The USDOOptionsModule contract's exercise function allows for dangerous call delegation

Lines of code Vulnerability details Impact The USDOOptionsModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for oTap actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's executeModule...

7.1AI score

OpenVAS•added 2023/04/11 12:0 a.m.•6 views

ILIAS 6.24, 7.x < 7.20 Multiple Vulnerabilities

ILIAS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ilias:ilias"; if description...

7.3AI score

Exploits0References2

OpenVAS•added 2023/04/05 12:0 a.m.•5 views

ILIAS < 7.19 Multiple Vulnerabilities

7.3AI score

Exploits0References1

Imperva Blog•added 2022/07/18 12:58 p.m.•12 views

How to ‘Win’ a Red Team Exercise

What is a red team exercise? Organizations that conduct red team exercises use penetration testing tactics to assess vulnerabilities and discover weak points in their cybersecurity preparation. Usually, this involves two teams - one red the protagonists and one blue the incident responders who mu...

0.1AI score

Code423n4•added 2022/07/04 12:0 a.m.•11 views

Create a short call order with non empty floor makes the option impossible to exercise and withdraw

Lines of code Vulnerability details Impact HIGH - assets can be lost If a short call order is created with non empty floorTokens array, the taker cannot exercise. Also, the maker cannot withdraw after the expiration. The maker will still get premium when the order is filled. If the non empty...

Code423n4•added 2022/07/04 12:0 a.m.•10 views

Short Call Maker Asset Can Be Frozen

Lines of code Vulnerability details Impact The fillOrder function only checks that the floorAssetTokenIds.length must be 0 when a taker fill a short call order. In other words, it does not check whether order.floorTokens.length is 0 or not, which means that if the maker includes any address in...

Code423n4•added 2022/07/04 12:0 a.m.•7 views

The fee is not paid as intended for put orders

Lines of code Vulnerability details Impact MEDIUM - functions of the protocol could be impacted For put options, the fees are not paid as intended. Proof of Concept poc0: fee on non-exercised put option poc0 shows that fee is applied for put option, even though the option was not exercised. poc1:...

Code423n4•added 2022/07/04 12:0 a.m.•14 views

PuttyV2.sol is allowing the cancelled orders to exercise and withdraw

Lines of code Vulnerability details Impact A cancelled order can be exercised and withdrawn Proof of Concept function exerciseOrder memory order, uint256 calldata floorAssetTokenIds public payable / CHECKS / bytes32 orderHash = hashOrderorder; // check user owns the position...

Code423n4•added 2022/07/04 12:0 a.m.•10 views

Attacker can take premium from taker who fill short-call orders for free.

Lines of code Vulnerability details Impact Takers who fill short-call orders may unable to exercise their long-call position. Attackers can abuse it to take premium from takers for free. In PuttyV2.fillOrder function, when taker fill short-call order, order’s maker only has to transfer erc20Asset...

Code423n4•added 2022/06/06 12:0 a.m.•9 views

Upgraded Q -> M from 294 [1654474576938]

Judge has assessed an item in Issue 294 as Medium risk. The relevant finding follows: Owner can frontrun exercise to increase fees A malicious owner account can observe and frontrun calls to exercise and extract 100% of the strike price as a protocol fee. Scenario: A malicious owner observes a ca...

6.9AI score

Code423n4•added 2022/05/14 12:0 a.m.•16 views

Rebasing tokens lock excess balance in contract

Lines of code Vulnerability details Rebasing tokens lock excess balance in contract If a vault is created with a rebasing ERC20 as its token, additional balance accrued through rebases while the token is owned by the vault may be locked in the contract. If the rebasing token balance decreases whi...

Code423n4•added 2022/05/14 12:0 a.m.•9 views

Setting a high feeRate can block exercise or cause negative flow of funds

Lines of code Vulnerability details Impact When an admin intentionally or unintentionally sets a feeRate greater than 1e18 100%, The exercise function can fail with arithmetic operation underflow at line 289 In the case, when beneficiary is connected to multiple vaults, the exercise function will...

Code423n4•added 2022/05/12 12:0 a.m.•8 views

no-revert-on-transfer ERC20 tokens can be drained

Lines of code Vulnerability details Impact Some ERC20 tokens don't throw but just return false when a transfer fails. This can be abused to trick the createVault function to initialize the vault without providing any tokens. A good example of such a token is ZRX: Etherscan code When such a vault ...