EUVD-2018-6007

Malware in sbrugna...

Malicious Code Detection in Smart Contracts Via Opcode Vectorization

With the booming development of blockchain technology, smart contracts have been widely used in finance, supply chain, Internet of things and other fields in recent years. However, the security problems of smart contracts become increasingly prominent. Security events caused by smart contracts...

Denial Of Service (DoS)

github.com/CosmWasm/wasmvm is vulnerable to a Denial-of-Service DoS. The vulnerability is due to a bug affecting both permissioned and permissionless chains due to its ability to be reliably triggered using a malicious contract, potentially causing a chain crash...

wasmvm: Malicious smart contract can slow down block production

CWA-2025-002 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.2.0, = 2.1.0, = 2.0.0, 2.0.6 - wasmvm 1.5.8 Patched versions: - wasmvm 1.5.8, 2.0.6, 2.1.5, 2.2.2 Description of the bug The vulnerability can be used to slow down block production. The attack requires a malicious...

wasmvm: Malicious smart contract can crash the chain

CWA-2025-001 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.2.0, = 2.1.0, = 2.0.0, 2.0.6 - wasmvm 1.5.8 Patched versions: - wasmvm 1.5.8, 2.0.6, 2.1.5, 2.2.2 Description of the bug The vulnerability can be used to crash the chain. The underlying bug that causes this is presen...

PT-2025-5642 · Wasmvm · Wasmvm

Name of the Vulnerable Software and Affected Versions: wasmvm versions 2.2.0 through 2.2.1 wasmvm versions 2.1.0 through 2.1.4 wasmvm versions 2.0.0 through 2.0.5 wasmvm versions prior to 1.5.8 Description: The issue can be used to slow down block production and requires a malicious contract...

Insufficient validation of contracts when setting authorised address.

Lines of code Vulnerability details Impact governance can set Malicious contract as authorised address and since the AddressProvider.sol is a singular source of truth an attacker can craft an exploit to abuse authorizedAddress privileges. Proof of Concept A miniaturised POC is shown below. in the...

require statement commented posses attack by malicious contract

Lines of code Vulnerability details Impact The 'require' statement commented posses attack by malicious contract. The LiquidityMiningPath.sol contract has the Governance requirement of the ‘require’ statement commented. If the intention was to make use of the ‘require’ statement, uncomment it so ...

Malicious RestrictionManger can be used to verify Tranche Members

Lines of code Vulnerability details The ability to file a new Restriction Manger after deployment can actually be utilized by a rouge ward and deploy a malicious version of the RestrictionManger that implements almost the same thing as the originals, but just tweaked to return the SUCCESSMESSAGE...

A malicious contract could steal assets via a flash loan

Lines of code Vulnerability details Impact A malicious contract could fail to return the assets, essentially stealing the Proof of Concept The key vulnerability is in the flashloan function. It transfers the assets to the receiver contract specified in info.receiver without any checks. Then it...

InterchainTokenService.expressReceiveTokenWithData does not apply Check-Effect-Interaction mode

Lines of code Vulnerability details Impact InterchainTokenService.expressReceiveTokenWithData does not apply the Check-Effect-Interaction pattern. In some edge cases, the caller can lose funds. Proof of Concept The life cycle of sending token across chains contains 3 phases: //P1: launch on sourc...

CrossDomainMessenger relayMessage Vulnerability

Lines of code Vulnerability details Impact The vulnerability allows an attacker to manipulate the sender address sender parameter when relaying a message from Layer 2 L2 to Layer 1 L1 in a cross-domain scenario. The issue arises due to the use of the L2CrossDomainMessenger contract address...

OffchainDNSResolver Contract Missing onlyOwner Modifier in Constructor Can Lead to DNS Hijacking Attacks

Lines of code Vulnerability details Impact The OffchainDNSResolver contract has a security vulnerability where it doesn't have a safeguard called the onlyOwner modifier in its constructor, this means that anyone can deploy the contract. This could allow a bad actor to create a version of the...

Possibly Susceptible to Reentrancy Attack

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. No protection against reentrancy attacks, which could allow an attacker to exploit the contract's logic by calling functions in the contract before the original call is completed. Proof of Concept To...

Reentrancy attacks : if the functions in the interfaces are called in a malicious contract that calls back into the calling contract before the first call completes.

Lines of code Vulnerability details Impact Reentrancy attacks could be possible if the functions in the interfaces are called in a malicious contract that calls back into the calling contract before the first call completes. Proof of Concept A malicious contract is created that calls the...

HIGH : The Giant pools can be drained by any user.

Lines of code Vulnerability details Description In GiantSavETHVaultPool.sol, batchDepositETHForStaking is used to deposit held funds to savETHPool vault: function batchDepositETHForStaking address calldata savETHVaults, uint256 calldata ETHTransactionAmounts, bytes calldata blsPublicKeys, uint256...

Reentrancy in createAuction() function

Lines of code Vulnerability details Impact Some ERC20 tokens missing return values and don't fail in case of an unsuccessful transfer. Also, ERC777 tokens could call the tokens receivers during the transfer. If baseToken would be such a token that combines both properties - this could lead to a...

delegatecall() modify merkleRoot, vault may lose all

Lines of code Vulnerability details Impact If the vault contract delegatecall the malicious contract by execute，the important variable merkleRoot can be modified. If the merkleRoot is set well designed, the vault will lose all tokens. Because, there are two main requirements for function execute ...

[H-03] Attacker can mint unbound amount of iPTs (on APWine)

Lines of code Vulnerability details Note that I've reported a similar vulnerability, on a different 'Principals' and POC\attack vector is a bit different. I will leave it to the judge to decide if these should be grouped as 1 report or not - but I wanted to be specific at the POC instead of...

Re-entrace danger in PCVDeposit

Lines of code Vulnerability details Impact A malicious contract can empty all the system if he get ETH with the function withdrawETH. The onlyPCVController call this function and send ETH to the malicious contract, and then the malicious can use delegatecall and pretend to be onlyPCVController, a...