8 matches found
batchDepositETHForStaking in GiantMevAndFeesPool.sol can be ticked to steal all ETH in the pool
Lines of code Vulnerability details Impact All Eth can be drained by fake vault addresses. Proof of Concept In batchDepositETHForStaking, stakingFundsVault is checked for its validity through StakingFundsVault sfv = StakingFundsVaultpayablestakingFundsVaulti; require...
batchDepositETHForStaking in GiantSavETHVaultPool.sol can be ticked to steal all ETH in the pool
Lines of code Vulnerability details Impact All Eth can be drained by fake vault addresses. Proof of Concept In batchDepositETHForStaking, savETHVault is checked for its validity through SavETHVault savETHPool = SavETHVaultsavETHVaultsi; require...
One co-creator with a small share can get 100% of the funds in the splitter
Lines of code Vulnerability details Impact One co-creator with a small share can get 100% of the funds by calling the incrementWindow function from an attacker contract that mimics RoyaltyVault. He can then create one or multiple fake windows and claim them to get the full balance of the splitter...
Threat Outbreak Alert: Fake Contract Delivery Notice Email Messages on May 21, 2014
Medium Alert ID: 34319 First Published: 2014 May 21 14:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to French-language spam email messages that claim to contain a contract notification for the recipient. The text in the email message attempts to convince the...
Threat Outbreak Alert: Fake Contract Notification Email Messages on November 29, 2013
Medium Alert ID: 31944 First Published: 2013 December 2 17:09 GMT Version: 1 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain a contract proposal for the recipient. The text in the e-mail message attempts to convince th...
Threat Outbreak Alert: Fake Contract Document Delivery Email Messages on November 25, 2013
Medium Alert ID: 31903 First Published: 2013 November 26 20:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain a contract document for the recipient. The text in the email message attempts to convince...
Threat Outbreak Alert: Fake Contract Document Delivery Email Messages on October 3, 2013
Severity Alert ID: 31124 First Published: 2013 October 4 13:39 GMT Version: 1 Threat Outbreak Threat Outbreak Summary Cisco Security has detected significant activity on October 3, 2013. Revision History Initial ReleaseShow Less Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND...
Threat Outbreak Alert: Fake Contract Information Email Messages on June 22, 2013
Medium Alert ID: 29752 First Published: 2013 June 24 12:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain contract information for the recipient. The text in the email message attempts to persuade the...