Lucene search
K

15 matches found

Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.30 views

Continuous Discovery of Vulnerabilities in LLM Serving Systems with Fuzzing

LLM inference and serving systems have become security-critical infrastructure; however, many of their most concerning failures arise from the serving layer rather than from model behavior alone. Modern inference engines combine KV cache, batching, prefix sharing, speculative decoding, adapters,...

5.8AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-35451 Malicious code in test-mlw2-grief-vulns (npm)

The package test-mlw2-grief-vulns was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in @malware-test-taras-hewer-grief-preys/test-mlw3-taras-hewer-grief-preys (npm)

The package @malware-test-taras-hewer-grief-preys/test-mlw3-taras-hewer-grief-preys was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in test-mlw2-grief-vulns (npm)

The package test-mlw2-grief-vulns was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-8993 Malicious code in @malware-test-taras-hewer-grief-preys/test-mlw3-taras-hewer-grief-preys (npm)

The package @malware-test-taras-hewer-grief-preys/test-mlw3-taras-hewer-grief-preys was found to contain malicious code...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.17 views

griefer can create maximum length time locks for other users with only dust

Lines of code Vulnerability details Description veOLAS is the voting token for the OLAS protocol. It functions like the curve.fi voting token in that a user gets more votes the longer they lock their tokens. A user can create a lock for themselves or have another user create a lock for them, usin...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/11/15 12:0 a.m.6 views

Attacker can Grief The Call to depositAsset Making It Impossible For The Victim To Deposit

Lines of code Vulnerability details Impact The attacker can grief the victim , making him unable to deposit asset into the pool. Proof of Concept The attack flow is as follows - Alice decides to deposit assets into the LRTDepositPool.sol , she calls depositPool here At L152 the function makes the...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/01 7:27 a.m.15 views

griefrecoverymethod.com Cross Site Scripting vulnerability OBB-3770967

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Code423n4
Code423n4
added 2023/08/21 12:0 a.m.12 views

M-02 Unmitigated

Lines of code Vulnerability details Comments In the previous implementation a malicious user could set arbitrary vault hooks for afterClaimPrize and beforeClaimPrize that could be used to gas grief the claimer or cause other claims in the same call to fail by deliberately reverting Mitigation The...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.11 views

Users with DEPLOY permission can grief each other through CREATE2

Lines of code Vulnerability details Bug Description In ERC725XCore.sol, the deployCreate2 function uses Openzeppelin's Create2.deploy to deploy new contracts: ERC725XCore.solL253-L267 function deployCreate2 uint256 value, bytes memory creationCode internal virtual returns bytes memory newContract...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/04/14 12:0 a.m.10 views

ETHCrowdfundBase#_calculateRefundAmount can return too many funds to users and brick refunds

Lines of code Vulnerability details Impact Malicious user can honeypot and grief users causing loss of funds Proof of Concept ETHCrowdfundBase.solL227-L230 if fundingSplitRecipient != address0 && fundingSplitBps 0 uint96 feeAmount = amount fundingSplitBps / 1e4; amount -= feeAmount; When a user...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/22 12:0 a.m.10 views

Grief on transfers due to vestingStart during vesting

Lines of code Vulnerability details Impact Past similar finding with the same severity: code-423n4/2022-05-runes-findings30 While centralization risk is acknowledged by the team & the C4udit tool: this may lead to loss of functionality grief. Proof of concept There is no requirement for the start...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/21 12:0 a.m.12 views

Attackers can call update and grief the users from swapping tokens

Lines of code Vulnerability details Impact Attackers can call update and grief the users from swapping tokens An attacker can specify reserve0 and revsere1 in update function and make it very small number and the user will have to supply zero tokens otherwise the function will fail. mitigation :...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/15 1:0 p.m.34 views

Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471. The attacks mark an increase of 110 and 129 attacks from the third and second...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/31 12:0 a.m.13 views

Calling generateFLNQuote twice in every block prevents any migration

Handle camden Vulnerability details Impact and PoC In the Uniswap helper, generateFLNQuote is public, so any user can generate the latest quote. If you call this twice in any block, then the two latest flan quotes will have a blockProduced value of the current block's number. These quotes are use...

6.8AI score
Exploits0
Rows per page
Query Builder