kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check

A flaw was found in the Linux kernel's nftables component. A logic bug in nftmapcatchallactivate causes an inverted element activity check during the abort path of a failed transaction. This can lead to a use-after-free vulnerability, as catchall verdict elements may still reference a freed chain...

Linux Distros Unpatched Vulnerability : CVE-2022-42310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned...

CVE-2025-48886

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

CVE-2025-48886 hydra-node dangerously assumes L1 event finality and does not consider failed transactions

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

CVE-2025-48886 hydra-node dangerously assumes L1 event finality and does not consider failed transactions

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

PT-2025-26219 · Hydra · Hydra

Name of the Vulnerable Software and Affected Versions: Hydra versions prior to 0.22.0 Description: Hydra is a layer-two scalability solution for Cardano. The issue arises from the assumption of L1 event finality, where the system does not consider failed transactions on the Cardano L1. This makes...

CVE-2024-41945

The fuels-ts vulnerability centers on the fund function in fuels-ts/packages/account/src/account.ts, which gathers needed UTXOs using getResourcesToSpend without excluding already used UTXOs. This stateless approach can yield inputs that become invalid within the same block, causing transactions ...

Slippage Handling

Lines of code Vulnerability details Impact The primitiveOutputAmount function reverts the transaction if the output amount is less than the minimumOutputAmount, which is a strict slippage protection. This could lead to failed transactions due to normal price fluctuations in the Curve pool. Proof ...

The Transfer event is emitted successfully in MinterContract#mintAndAuction() even when the transaction has failed, leading to inaccurate accounting in off-chain systems.

Lines of code Vulnerability details Impact The airDropTokens function in the NextGenCore contract is responsible for minting and transferring an NFT to a user, exclusively called by the MinterContract. However, the execution of airDropTokens within MinterContractmintAndAuction prior to critical...

Send Ether will call instead of transfer

Lines of code Vulnerability details Impact transfer automatically forwards exactly 2300 gas to the receiving contract. This limitation can restrict smart contract's ability to interact with other contracts that require more gas for their operations like receiving eth, leading to failed transactio...

Potential Out of Bound Error When Accessing Range Array

Lines of code Vulnerability details The code seems to be attempting to access an element of the 'ranges' array using an index calculated from the array's length minus one. However, during the deployment or initialization of the contract, if the length of 'ranges' is 1, this calculation results in...

SETTING block.timestamp AS THE DEADLINE COULD LEAD TO HIGHER RATE OF FAILED TRANSACTIONS

Lines of code Vulnerability details Impact The OptionsPositionManager.swapExactTokensForTokens function is used to swap assets for exact assets. Here the exact amount of source token is swapped for an amount of target token. The function uses the IUniswapV2Router01.swapExactTokensForTokens call f...

Gas Cost Vulnerability

Lines of code Vulnerability details The fuse function iterates through the provided characterList to check for duplicate characters and validate the trays. If the length of characterList is too high, the gas cost for executing the fuse function will also be high, potentially reaching the block ga...

[M] TimeswapV2LiquidityToken.sol#collect() Incorrect implementation causing collect always fail

Lines of code Vulnerability details Impact The function collect in the provided code is supposed to transfer transaction fees from a liquidity token position to a recipient address. However, the function currently has an issue where the long0Fees, long1Fees, and shortFees variables are not...

_harvest rewards can be stolen because it doesn't implement any slippage bounds

Lines of code Vulnerability details Impact Harvested funds stolen Proof of Concept harvest does not implement any kind of minimum out when calling the 3 consecutive swaps L249, L263 and L275 to get from auraBal to Aura. An attacker could easily sandwich the least liquid pool and steal all the...

Unchecked call in _withdrawFromYieldPool

Lines of code GeneralVault.solL100-L128 LidoVault.solL122-L149 Vulnerability details Impact In the withdrawFromYieldPool function in LidoVault.sol, the receivedETHAmount value is returned before the sent value for the call function is checked on line 142. When withdrawCollateral is called in...

Batch Transfer will likely fail on ERC777 transfers, either maliciously or accidentally

Lines of code Vulnerability details Impact If users attempt to bridge ERC777s from Cosmos to Ethereum, it is highly likely that the transfers will revert. The issue lies in the combination of using safeTransfer and the idea of batching. safeTransfer will revert for any failed transfer meaning tha...

Matkt Hyperledger Besu 安全漏洞

Matkt Hyperledger Besu is an open source application from Matkt. It is used to run, maintain, debug and monitor nodes in the Ethernet network. A security vulnerability exists in Besu starting in version 21.10.0, which stems from changes in the software implementation of the SHL, SHR, and SAR...

DDOS by cancelling orders or removing approvals

Handle cmichel Vulnerability details The market assumes that the maker of an order approved the swivel contract as there are many calls that move funds from the maker to the contract, see Swivel.initiateVaultFillingZcTokenInitiate/initiateZcTokenFillingVaultInitiate: uToken.transferFromo.maker,...

Unbounded loop in _removeNft could lead to a griefing/DOS attack

Handle shw Vulnerability details Impact Griefing/DOS attack is possible when a malicious NFT contract sends many NFTs to the vault, which could cause excessive gas consumed and even transactions reverted when other users are trying to unlock or transfer NFTs. Proof of Concept 1. The function...