138 matches found
MAL-2022-3560 Malicious code in hardhat-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d413678735916efe26eb4cd4c106907b9e0fdce0f0bd3c41706a4a64e9b9139 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3561 Malicious code in hardhat-modern (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 364a19411c6fa78338bfd1eb9f6987f560554219e531430448430f84c4ecb947 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in modern-hardhat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96c131c39f2ccb7fe9bbb345454bfd7e287a9e8f2340eab60bb225d75be91833 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4662 Malicious code in modern-hardhat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96c131c39f2ccb7fe9bbb345454bfd7e287a9e8f2340eab60bb225d75be91833 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
execute does not work for ERC1155 tokens orders where amount > 1
Lines of code Vulnerability details Impact StandardPolicyERC1155 functions canMatchMakerBid and canMatchMakerBid always return amount == 1, regardless of the function arguments. This means that calling execute on an agreed order of ERC1155 token with an amount 1 will always transfer amount == 1 o...
Multiple storage slot collisions between versions - due to different order in declaration
Lines of code Vulnerability details Impact If we list the sequence of how variables receive slots, we will see the failure to follow "append-only" principle. Many variable added "in-between" V2 version can read/write wrong slots. Proof of Concept Here is the table/list of variable, built taking...
Malicious Package
Overview hardhat-cover is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
interest rate calculate vulnerability
Lines of code Vulnerability details Impact function addinterst uses the interest rate immediately generated by the current block first transaction calculated,it will cause some interest lose. Proof of Concepmt function addinterst uses the interest rate immediately generated by the current block t...
Registry.sol works bad - it fails to delivere expected functionality
Lines of code Vulnerability details Impact The description of Registry.sol is following: /// Deploys new proxies via the factory and keeps a registry of owners to proxies. Owners can only /// have one proxy at a time. But it is not. There are multiple problems: 1. Proxy owner can change and will...
[PNM-002] The expiry of the parent node can be smaller than the one of a child node, violating the guarantee policy
Lines of code Vulnerability details Description By design, the child node's expiry can only be extended up to the parent's current one. Adding these restrictions means that the ENS users only have to look at the name itself's fuses and expiry without traversing the hierarchy to understand what...
State Variable Shadowing
Lines of code Vulnerability details Impact Check: shadowing-state Severity: High Confidence: High It is possible to use the same variable twice in Solidity, but it can lead to unintended side effects.The TestAllowance.sol contract inherits from TesTBaseWorkflow.sol. In the TestAllowance.sol...
Non view function is called with staticcall in CErc20Delegator
Lines of code Vulnerability details Impact When using CToken implementation with CErc20Delegator, the functions borrowRatePerBlock and supplyRatePerBlock will revert when the underlying functions try to update some states. Detail The v1 of borrowRatePerBlock and supplyRatePerBlock were view...
Unused Return
Lines of code Vulnerability details Impact Configuration Check: unused-return Severity: Medium Confidence: Medium Description: The return value of this external call is not stored in a local or state variable. Unused return values of function calls are indicative of programmer errors which may ha...
Yieldy: WarmUp expiry can be prolonged by staking from somebody else
WarmUp expiry can be prolonged by staking from somebody else Staking.sol:406 Staking.sol:439-444 Staking.sol:691 Impact When warmUpPeriod is greater than 1, a third person can stake to the victim to prolong the warmUp expiry. The expiry prolongation also happens with cool down, although a third...
Value Overflow in FulfillmentApplier.sol
Lines of code Vulnerability details Value Overflow in FulfillmentApplier.sol Repo commit referenced: 49799ce156d979132c9924a739ae45a38b39ecdd Impact In aggregateValidFulfillmentOfferItems Line 274 and aggregateValidFulfillmentConsiderationItems Line 571 a variable errorBuffer has been defined as ...
Inconsistent storage layout for ERC2771ContextUpgradeable
Impact The storage layout of the ERC2771ContextUpgradeable is not constant between versions. - versions 4.0.0, 4.1.0 and 4.2.0, the contract has a length of 51 slots. - since 4.3.0, the contract has a length of 50 slots - future versions will continue using 50 slots. This difference in layout cou...
GHSA-7J52-6FJP-58GR Inconsistent storage layout for ERC2771ContextUpgradeable
Impact The storage layout of the ERC2771ContextUpgradeable is not constant between versions. - versions 4.0.0, 4.1.0 and 4.2.0, the contract has a length of 51 slots. - since 4.3.0, the contract has a length of 50 slots - future versions will continue using 50 slots. This difference in layout cou...
generateFLNQuote() can be used to prevent migration()
Handle GeekyLumberjack Vulnerability details Impact generateFLNQuote can be used to always cause migrate to revert. Effectively ending one of Behodler's main function's operability. Migration is core to Behodler economics. Proof of Concept 1. Attacker would write a script to call generateFLNQuote...
Griefing attack can prevent almost all activity in a pool
Handle harleythedog Vulnerability details Impact Consider the mint function in TimeswapPair.sol. The caller of this function is able to freely specify xIncrease, yIncrease and zIncrease. In particular, it is possible to specify xIncrease and zIncrease to be extremely small values e.g. 1 wei, whil...
Manipulation of the Y State Results in Interest Rate Manipulation
Handle Rhynorater Vulnerability details Impact Due to lack of constraints on user input in the TimeswapPair.solmint function, an attacker can arbitrarily modify the interest rate while only paying a minimal amount of Asset Token and Collateral Token. Disclosure: This is my first time attempting...