PartyGovernance contract cannot accept Eth
Lines of code Vulnerability details Impact The PartyGovernance contract does not have payable in its fallback function, which is the main context of allowing a contract to accept Ether, or else it will revert or be lost forever if received. Proof of Concept Lack of payable fallback function is...
Security update for tor (moderate)
openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2023:0361-1 Rating: moderate References: 1216873 Affected Products: openSUSE Backports SLE-15-SP4 openSUSE Backports SLE-15-SP5 An update that contains security fixes can now be installed. Description: This update for...
kernel: Linux kernel: Denial of Service due to NULL pointer dereference in mptcp fastopen
A flaw was found in the Linux kernel's Multipath TCP mptcp implementation. During an early fallback to TCP in the fastopen process, the system incorrectly deletes a subflow context before it is no longer needed. This can lead to a NULL pointer dereference, allowing a local attacker with low...
Insufficient validation of contracts when setting authorised address.
Lines of code Vulnerability details Impact governance can set Malicious contract as authorised address and since the AddressProvider.sol is a singular source of truth an attacker can craft an exploit to abuse authorizedAddress privileges. Proof of Concept A miniaturised POC is shown below. in the...
User can selectively turn on the fallback flag to take all ETH on the agent contract as layerzero fee refund
Lines of code Vulnerability details Impact performFallbackCall can revert silently when refundee is not capable of taking ETH refund from layerzero side Proof of Concept In RootBridgeAgent.sol when the has fall back toggle flag is on, the smart contract aims to perform a fallback call to notify th...
Gas that was sent by LayerZero can get stuck in the contract in some cases
Lines of code Vulnerability details If a tx on the destination chain calls back the chain from where the transaction was initiated by the user, the first transaction on the source chain needs to "airdrop" gas to the destination chain so it is able to call back the source chain. The problem is tha...
Incorrect functionID will not trigger fallback
Lines of code Vulnerability details Impact When encoding a payload for settlement of multiple tokens, the fallback flag is not set when it should be. This will cause no fallback to be triggered even though the user has paid enough to cover the additional costs that are required. Proof of Concept ...
Rocky Linux 8 : nodejs:18 (RLSA-2023:4035)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4035 advisory. - A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrar...
Claim reward can be inaccessible if msg.sender is a smart contract with no fallback/receive function
Lines of code Vulnerability details Impact When calling claim on LendingLedger, the claim reward can be inaccessible if msg.sender is a smart contract with no fallback/receive function. Indeed, msg.sender.call{value: cantoToSend}("") would fail and the claim would revert, not allowing the user to...
CVE-2023-26445
Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and...
Default credentials
Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and...
Default Account fallback lack payable
Lines of code Vulnerability details Impact fallback lacks payable, will lead to differences from the mainnet, and many existing protocols may not work Proof of Concept DefaultAccount Defined as follows: DefaultAccount The implementation of the default account abstraction. This is the code that is...
Attackers might be able to avoid calling reference modules when creating publications
Lines of code Vulnerability details Bug Description When comment, mirror or quote is called on a publication with a reference module, the reference module will be called. For example, when a user mirrors another publication with a reference module, the processMirror function of that reference...
Potential for Permanent Lock of Funds in NounsDAOExecutorV2 Contract
Lines of code Vulnerability details Impact The NounsDAOExecutorV2 contract has a potential vulnerability where Ether or ERC20 tokens could become permanently locked in the contract. This could occur if funds are sent to the contract by someone other than the admin, or if the admin loses access to...
An attacker can burn shares of other users by calling executeFlashloan()
Lines of code Vulnerability details The executeFlashloan in PeUSDMainnetStableVision.sol allows users to execute flash loans but the problem is that the receiver doesn't have to be the msg.sender so an attacker can do 2 things: 1. Execute other users' flash loans 2. If a user is a smart contract th...
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS, which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector fo...
[adriro-NEW-M-02]: Wallet design prevents EIP-165 extensibility
Lines of code Vulnerability details adriro-NEW-M-02: Wallet design prevents EIP-165 extensibility The current wallet fallback design prevents the extensibility of the EIP-165 functionality. Impact Ambire wallet extensibility is provided by a fallback mechanism. If a fallback handler is defined in...
CVE-2023-34363
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
Reentrancy guard in rageQuit() can be bypassed
Lines of code Vulnerability details Reentrancy guard in rageQuit can be bypassed The reentrancy guard present in the rageQuit function can be bypassed by host accounts, leading to reentrancy attack vectors and loss of funds. Impact The new rageQuit function can be used by party members to exit...