Lucene search
K

50 matches found

RedhatCVE
RedhatCVE
โ€ขadded 2026/01/09 11:35 a.m.โ€ข7 views

CVE-2021-41591

ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...

9.4CVSS7AI score0.0165EPSS
Exploits1References1
Snyk
Snyk
โ€ขadded 2026/01/05 7:57 p.m.โ€ข0 views

Integer Overflow or Wraparound

Overview @openzeppelin/confidential-contracts is a Smart Contract library for use with confidential coprocessors Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the wrap and onTransferReceived functions used by the ERC7984 contract. An attacker can cause user...

8.2CVSS7AI score
Exploits0References2
Github Security Blog
Github Security Blog
โ€ขadded 2026/01/05 7:57 p.m.โ€ข9 views

ERC7984ERC20Wrapper: once a wrapper is filled, subsequent wrap requests do not revert and result in loss of funds.

Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...

6.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข4 views

EUVD-2024-0614

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00882EPSS
Exploits1References6
RedhatCVE
RedhatCVE
โ€ขadded 2025/02/05 5:34 a.m.โ€ข7 views

CVE-2024-1631

Impact: The library offers a function to generate an ed25519 key pair via Ed25519KeyIdentity.generate with an optional param to provide a 32 byte seed value, which will then be used as the secret key. When no seed value is provided, it is expected that the library generates the secret key using...

9.1CVSS6.8AI score0.00882EPSS
Exploits1References1
NVD
NVD
โ€ขadded 2024/08/15 9:15 p.m.โ€ข27 views

CVE-2024-43366

zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit condition. It leads to a loss of funds or other unwanted behavior if the loop body contains it. However,...

9.1CVSS0.00511EPSS
Exploits1References1
OSV
OSV
โ€ขadded 2024/06/14 2:31 p.m.โ€ข5 views

CVE-2024-34694 LNbits improperly handles potential network and payment failures when using Eclair backend

LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...

8.1CVSS6.8AI score0.00602EPSS
Exploits0References3
Vulnrichment
Vulnrichment
โ€ขadded 2024/06/14 2:31 p.m.โ€ข16 views

CVE-2024-34694 LNbits improperly handles potential network and payment failures when using Eclair backend

LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...

8.1CVSS6.7AI score0.00602EPSS
Exploits0References1
Positive Technologies
Positive Technologies
โ€ขadded 2024/05/04 12:0 a.m.โ€ข7 views

PT-2024-25929 ยท Btcd ยท Btcd

Name of the Vulnerable Software and Affected Versions: btcd versions prior to 0.24.0 Description: The issue arises from an incorrect implementation of the consensus rules outlined in BIP 68 and BIP 112, making btcd susceptible to consensus failures. Specifically, it uses the transaction version a...

7.5CVSS7.2AI score0.00558EPSS
Exploits0References16
OSV
OSV
โ€ขadded 2024/02/21 2:54 a.m.โ€ข44 views

GHSA-C9VV-FHGV-CJC3 agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`

Impact The library offers a function to generate an ed25519 key pair via Ed25519KeyIdentity.generate with an optional param to provide a 32 byte seed value, which will then be used as the secret key. When no seed value is provided, it is expected that the library generates the secret key using...

9.1CVSS9.2AI score0.00882EPSS
Exploits1References6
OSV
OSV
โ€ขadded 2024/02/21 2:12 a.m.โ€ข4 views

CVE-2024-1631 agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`

Impact: The library offers a function to generate an ed25519 key pair via Ed25519KeyIdentity.generate with an optional param to provide a 32 byte seed value, which will then be used as the secret key. When no seed value is provided, it is expected that the library generates the secret key using...

9.1CVSS7.2AI score0.00882EPSS
Exploits1References7
Code423n4
Code423n4
โ€ขadded 2023/09/27 12:0 a.m.โ€ข9 views

Missing slippage control while depositing rewards in SafEth and VotiumStrategy

Lines of code Vulnerability details Summary Deposits to SafEth and VotiumStrategy coming from rewards lack slippage control, making them susceptible to sandwich attacks by MEV bots, which can result in a loss of funds for the protocol. Impact Rewards coming from the VotiumStrategy contract are...

6.9AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/09/07 12:0 a.m.โ€ข7 views

Low level calls to accounts with no code will succeed in multiexcall function

Lines of code Vulnerability details Impact Low level calls behave differently than function calls in Solidity. Calls at the EVM level to accounts with no code are successful, this is the expected and normal behavior. It is Solidity that adds checks to prevent accidental calls to accounts with no...

7.2AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/08/07 12:0 a.m.โ€ข12 views

cleanup() does not properly handle debt repayment

Lines of code Vulnerability details Impact The cleanup... function in the PositionManager.sol contract is used to deposit remaining users assets back to ROE, repaying debt if any. However the users debt will not be repaid if the user has debt leading to loss of funds for the lenders and the proje...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/07/28 12:0 a.m.โ€ข13 views

Manager can delete any users voting power

Lines of code Vulnerability details Impact A manager can maliciously/accidentally remove all voting power for all users due to missing input validation when setting the multiplier value. By setting a value smaller than 1e3 it will result in all multiplier calculations rounding to 0, causing loss ...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/07/14 12:0 a.m.โ€ข10 views

Depositors might lose funds due to the lack of zero share check

Lines of code Vulnerability details Impact Depositors might lose funds due to the lack of checking whether the shares to be minted is equal to zero. When this happens, the assets will be deposited into the vault, but the depositors will receive zero shares. This is independent from the initial...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/07/10 12:0 a.m.โ€ข13 views

TWAP can be easily manipulated by attacker through the sync() function, causing loss of funds

Lines of code Vulnerability details Description Please refer to the issue titled Implementation of Well shift function allows attackers to completely manipulate the oracles for relevant introduction and context. The safety of the TWAP relies on calling the observation function update with the...

6.9AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/06/05 12:0 a.m.โ€ข12 views

Upgraded Q -> 2 from #9 [1685982867794]

Judge has assessed an item in Issue 9 as 2 risk. The relevant finding follows: Users might lose funds after calling rageQuit by malicious frontrunners. --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/04 12:0 a.m.โ€ข13 views

Depositors risk losing funds through StrategyManager.depositIntoStrategyWithSignature()

Lines of code Vulnerability details Impact The StrategyManager contract has two functions for depositing funds into Strategy contracts, one of them is depositIntoStrategyWithSignature which allows the caller to make a deposit and the new shares are credited to a specified staker. If the staker...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/03/30 12:0 a.m.โ€ข20 views

Incorrect minOut calculation in SfrxEth.withdraw()

Lines of code Vulnerability details Impact Final value of mintOut will be lower or higher according to the SFRXETH/FRXETH price ratio. This can result in higher slippage where user can loss funds. Else in other case the slippage will be low and transaction gets reverted unexpectedly Proof of...

7AI score
Exploits0
Rows per page
Query Builder