2 matches found
Siemens Comos 代码问题漏洞
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. Siemens COMOS suffers from an XXE injection vulnerability that can be exploited by an...
ETHVault, BkdEthCvx and VaultReserve use payable.transfer for inter-system transfers
Lines of code Vulnerability details Impact These contracts use payable.transfer for internal fund transfer, where the recipients are vaults, pools, strategies. This is generally unsafe as transfer has hard coded gas budget and can fail when the to is a smart contract. Such transactions will fail...