7 matches found
Insufficient Granularity of Access Control
Overview @paperclipai/ui is a Prebuilt Paperclip board UI assets. Affected versions of this package are vulnerable to Insufficient Granularity of Access Control inadequate authorization checks in the POST /api/agents/:id/keys, GET /api/agents/:id/keys, and DELETE /api/agents/:id/keys/:keyId route...
EUVD-2018-5078
Malware in sbrugna...
CVE-2018-13131
SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...
Inflation attack in VotiumStrategy
Lines of code Vulnerability details Summary The VotiumStrategy contract is susceptible to the Inflation Attack, in which the first depositor can be front-runned by an attacker to steal their deposit. Impact Both AfEth and VotiumStrategy acts as vaults: accounts deposit some tokens and get back...
GHSA-WMPV-C2JP-J2XG ERC1155Supply vulnerability in OpenZeppelin Contracts
When ERC1155 tokens are minted, a callback is invoked on the receiver of those tokens, as required by the spec. When including the ERC1155Supply extension, total supply is not updated until after the callback, thus during the callback the reported total supply is lower than the real number of...
Synth tokens can get over-minted
Handle WatchPug Vulnerability details Per the document: It also is capable of using liquidity units as collateral for synthetic assets, of which it will always have guaranteed redemption liquidity for. However, in the current implementation, Synth tokens are minted based on the calculation result...
Bitotal (TFUND) Integer Overflow Vulnerability
Bitotal TFUND is a smart contract that runs on Ether. An integer overflow vulnerability exists in the mintTokens function in Bitotal TFUND. The vulnerability can be exploited by the contract owner to arbitrarily retrieve minted tokens...