Lucene search
K

36 matches found

Code423n4
Code423n4
added 2023/09/07 12:0 a.m.11 views

Potential Out-of-Bounds Error When Modifying Ranges

Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.14 views

Zero Amount Check Missing in reLP function

Lines of code Vulnerability details Impact If amount is 0, the reLP function will still execute all its operations, including external contract calls, which consume gas. This could lead to unnecessary gas costs for the caller. In a worst-case scenario, if this function is called repeatedly with...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.9 views

Missing sanityCheckUnderlying Call in Certain Functions of OptionsPositionManager Contract

Lines of code Vulnerability details Bug Description In the OptionsPositionManager contract, there is a missing call to the sanityCheckUnderlying function at the beginning of the sellOptions and close functions. These functions involve interactions with option assets and underlying tokens. However...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/07/30 12:0 a.m.8 views

Inability of Followers and Followees to Commenting

Lines of code Vulnerability details Impact The lack of functionality restricts interaction and engagement between the profile owner and their followers or the users they follow. This limitation diminishes the platform's value, as users who are interested in a post or have a genuine reason to...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.13 views

Manager can delete any users voting power

Lines of code Vulnerability details Impact A manager can maliciously/accidentally remove all voting power for all users due to missing input validation when setting the multiplier value. By setting a value smaller than 1e3 it will result in all multiplier calculations rounding to 0, causing loss ...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/05 12:0 a.m.6 views

changeAdmin function does not have checks

Lines of code Vulnerability details Impact changeAdmin does not check for new address which should be different than the old one. Also newAdmin should not be same as the carrying out the transaction. Proof of Concept Tools Used VScode Recommended Mitigation Steps CEI to be placed in context of...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/06/23 12:0 a.m.15 views

Lack of deep validation

Lines of code Vulnerability details Impact The validate functions are just checking the parameters type without checking any further information Proof of Concept They are just trying to cast the value with i.TYPE and check if there is an error. There is no further validations e. g...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/23 12:0 a.m.9 views

Bypass check with one non-standard denom

Lines of code Vulnerability details Impact Wrong conditional when checking for non-standard denoms Proof of Concept The conditional is used to sanitize if the denom1 and denom2 are indeed standardDenom see the error in the next line. However, the condition can be bypassed with one of them being...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.7 views

Rebalancing may overshoot

Lines of code Vulnerability details Impact A rebalance operation may overshoot, bringing the percentage outside the thresholds. Proof of Concept There are contractual limitations on the rebalance operations. It is assumed that these are put in place to ensure that the Rebalance Defender bot is no...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.9 views

Inadequate checks for comptroller in PoolRegistry#addMarket allows malicious comptrollers to be added

Lines of code Vulnerability details Impact Malicious comptrollers will be available in the protocol Proof of Concept The addMarket function only checks that the input.comptroller is not the 0 address, but does not check if the comptroller was actually created by the PoolRegistry contract. A...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/04 12:0 a.m.6 views

The values for strategyIndexes are not enforced

Lines of code Vulnerability details Proof of Concept strategyIndexes is used to indicate which strategies the caller will withdraw 100% of his shares, but it can contain any value when calling StrategyManager.queueWithdrawal and StrategyManager.slashShares. These two functions will reuse...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/04 12:0 a.m.14 views

Users can queue a withdrawal and potentially withdraw completely if PAUSED_EIGENPODS_VERIFY_OVERCOMMITTED = false

Lines of code Vulnerability details Impact Users can queue a withdrawal and potentially withdraw completely if PAUSEDEIGENPODSVERIFYOVERCOMMITTED = false Proof of Concept We need to look at two functions. The first one is function verifyOvercommittedStake uint40 validatorIndex,...

6.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/02/06 11:49 p.m.34 views

Openshift Enterprise source-to-image vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip)

Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. An attacker who could trick a user into using the command to copy files locally, from a pod, could override files outside of the target directory of the command. Specific Go Packages...

6.5CVSS6.3AI score0.01338EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/09/02 12:0 a.m.25 views

CVE-2022-39176

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...

8.8CVSS6.1AI score0.00657EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/06/29 12:0 a.m.6 views

Machform 跨站脚本漏洞

MachForm is an HTML form builder that lets you create contact forms, surveys, order forms or any other web form without writing code. A stored cross-site scripting vulnerability exists in versions prior to Machform 16. The vulnerability stems from insufficient validation of file attachments...

6.1CVSS5.3AI score0.00685EPSS
Exploits0References4
OSV
OSV
added 2017/09/17 9:29 p.m.3 views

CVE-2017-14511

An issue was discovered in SAP E-Recruiting aka ERECRUIT 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers can register and...

7.5CVSS5.8AI score0.01408EPSS
Exploits0References3
Rows per page
Query Builder