345 matches found
Functions can be called directly externally
Lines of code Vulnerability details Impact @dev This exists as a standalone contract but will only ever contain proxy code, not state. As such it should never be called directly or externally, and should only be invoked with DELEGATECALL so that it operates on the contract state within the primar...
No zero address check in PrimeLiquidityProvider.sol:sweepTokens
Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address0, the developer's assumption is that safeTransfer is checking for to not being the address0. In reality, it doesn’t implement such a check and we can see from the implementation of the function:...
Malicious code in aliyun-oss2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c33f6b28da216b43120a3b8a8537d0263dc1eb2b22979a4183b371ff57b9e0b Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Design/Logic Flaw
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va, which causes a UAF of the kernel address...
CVE-2023-28577
CVE-2023-28577 describes a kernel-use-after-free (UAF) condition in Qualcomm components where, during CAM_REQ_MGR_RELEASE_BUF, a check is not performed to verify whether the buffer is still in use. If a thread calls cam_mem_get_cpu_buf to retrieve a kernel virtual address (VA) and another thread ...
CVE-2023-29414
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...
Buffer overflow
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...
gRPC Security Vulnerability
gRPC is a modern, open-source, high-performance Remote Procedure Call (RPC) framework from gRPC Open Source. A security vulnerability exists in gRPC, which stems from the ability to call abort functions via http2...
CVE-2023-28367
Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...
PT-2023-12093 · Amd · 1St Gen Amd Epyc™ Processors +110
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace,...
Use the _assetTransferFrom function instead of _assetTransfer. This is because the tokens are held in the escrow contract, rather than being in the destination BYTES address, and thus require a transfer from the escrow contract to the recipient's address
Lines of code Vulnerability details Impact The msg.sender loses his stakedBytes From BYTES address not possible to send stakedBytes to msg.sender. The stakedBytes only help in escrow contract not in BYTES address. Proof of Concept function assetTransfer address asset, address to, uint256 amount...
INCORRECT FUNCTION CALLS
Lines of code Vulnerability details Impact In Vault.sol, WithdrawProxy.sol and PublicVault.sol, name is making an incorrect external call to return its output variable. Apparently, it is calling ERC20asset.symbol instead of ERC20asset.name. Devoid of an accurate name description, this could lead ...
GSD-2023-1001112 IB/mad: Don't call to function that might sleep while in atomic context
IB/mad: Don't call to function that might sleep while in atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
PT-2023-33836 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue arises from a wrong function being called when vimc init fails. This problem was introduced in version v4.13 and is fixed in Linux Kernel version v6.0.16. Recommendations: For Linu...
Upgraded Q -> M from #323 [1668467355303]
Judge has assessed an item in Issue 323 as M risk. The relevant finding follows: L00: beforeTokenTransfer function called with wrong params in LBToken Line 237 seems to be a copy pasta mistake from line 209 in LBToken.sol. On line 237 when burning tokens, to should be zero, and amount of from's...
PicoC Buffer Error Vulnerability
PicoC is a lightweight C interpreter. A buffer overflow vulnerability exists in PicoC version 3.2.2, which stems from a boundary error in the StringStrncpy function in cstdlib/string.c when ExpressionParseFunctionCall is called while processing untrusted input. An attacker can exploit the...
PT-2022-27179 · Picoc · Picoc
Name of the Vulnerable Software and Affected Versions: PicoC version 3.2.2 Description: A heap buffer overflow was discovered in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall, which can lead to a potential issue. Recommendations: For PicoC version 3.2....
PA1D._payoutTokens() won't work for USDT and other inconsistent ERC20 tokens.
Lines of code Vulnerability details Impact Some ERC20 tokens USDT, BNB, OMG do not return a boolean on successful transfer. Checking the returned value of transfer for these tokens will always fail. Proof of Concept Usage of ERC20 interface and require statement in PA1D.sol. Recommended Mitigation...