Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/05 9:26 p.m.2 views

CVE-2026-35679

Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...

3.5CVSS5.9AI score0.0022EPSS
Exploits0References3
Veracode
Veracode
added 2024/12/11 8:35 a.m.10 views

Malicious Package

@solana/web3.js is a Malicious Package allowing an attacker to steal private key material and drain funds from applications directly handling private keys...

8.3CVSS6.7AI score0.00431EPSS
Exploits0References1Affected Software1
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.18 views

Reentrancy in mint function leads to various problems

Lines of code Mint function in minter contract: Mint function in core contract: Vulnerability details Bug Description When minting NFTs, users will using the mint function. This function will mint a NFT using the safeMint function. The problem is that this mint will be done before crucial variabl...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.6 views

Admin can drain user funds from the Pool or buy assets for free

Lines of code Vulnerability details Impact We assume that the admin is honest, however there is still possibility of exploiting asset policy contract to and set price to 0 in oder to buy an asset for free - or even worse - drain user funds by setting the price really high in...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.12 views

recoverERC20 can drain user's funds

Lines of code Vulnerability details recoverERC20 function is deployed so users who have accidently sent erc20 tokens to the contract be able to recover them. recoverERC20 uses ifminAmountRewardTokentoken != 0 revert Errors.CannotRecoverToken; to check if token was set to one of the RewardTokens o...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/08/28 12:0 a.m.3 views

Microtransit EV Android App Has Logic Design Flaws

Microbus EV APP is a car time-share rental service software. Microtransit EV Android APP has a logical design vulnerability, the attacker logs into the system by grabbing packets to modify the user ID, logs into any account, and also performs unauthorized operations, such as funds consumption...

6.8AI score
Exploits0
Rows per page
Query Builder