5 matches found
High risk in integrating Ocean with Curve TriCrypto pool on Arbitrum
Lines of code Vulnerability details Impact The Curve TriCrypto adapter contract enables swapping, adding liquidity, and removing liquidity for the USDT-WBTC-ETH pool on Arbitrum. However, this pool has been flagged for potential exploit risks. Curve Finance issued a warning: This pool might be at...
Malicious actors could pass in huge arrays to disrupt service availability (DOS) in the updateVotingPower function
Lines of code Vulnerability details Impact The contract is stopped from being usable by legitimate users if the attacker repeatedly spammed large arrays Proof of Concept The updateVotingPower function currently only checks that the array is = 50: While 50 may be a reasonable limit for normal usag...
Penetration Testing or Vulnerability Scanning? What's the Difference?
Pentesting and vulnerability scanning are often confused for the same service. The problem is, business owners often use one when they really need the other. Let's dive in and explain the differences. People frequently confuse penetration testing and vulnerability scanning, and it's easy to see...
BWA - OWASP Broken Web Applications Project
A collection of vulnerable web applications that is distributed on a Virtual Machine. Description The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: learning about web application security testin...
[OWASP Broken Web Applications Project VM v1.1] Collection of vulnerable web applications
The Broken Web Applications BWA Project is a collection of vulnerable web applications that is distributed on a Virtual Machine. The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: Learning about...