Lucene search

282 matches found

SUSE CVE
added 2023/02/15 4:42 a.m. · 1 view

SUSE CVE-2017-12105

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context...

CVSS 8.8 · AI score 8.6 · EPSS 0.01231
Exploits: 1 · References: 3

Code423n4
added 2023/02/03 12:0 a.m. · 9 views

Upgraded Q -> 2 from #783 [1675429188655]

Judge has assessed an item in Issue 783 as 2 risk. The relevant finding follows: restakeGGP doesn't have whenNotPaused modifier At line 319 stakeGGP has whenNotPaused modifier, while restakeGGP has not. Suggest to add the same modifier to restakeGGP.

AI score 6.9
Exploits: 0

Code423n4
added 2023/02/03 12:0 a.m. · 10 views

Upgraded Q -> 2 from #338 [1675444008015]

Judge has assessed an item in Issue 338 as 2 risk. The relevant finding follows: L-04 Staking.restakeGGP function should have whenNotPaused modifier Staking.sol 1

AI score 6.9
Exploits: 0

Code423n4
added 2023/02/03 12:0 a.m. · 4 views

Lack of nonReentrant modifier when using _safeMint function

Lines of code Vulnerability details Impact The safeMint function implementation can allow a contract to reenter the calling contract. Proof of Concept the safeMint function can be reentered through the safeMint function. function safeMint(address to, UserMetadata calldata userMetadata) public...

AI score 6.8
Exploits: 0

Code423n4
added 2023/02/01 12:0 a.m. · 8 views

Lack of access control in Lendgine.sol.withdraw()

Lines of code Vulnerability details Impact Because the function does not check if the person has access to it, anyone can call it. After calling the function the malicious user can increase his position. 175: positions.update(msg.sender, -SafeCast.toInt256(size), rewardPerPositionStored); He can then...

AI score 6.8
Exploits: 0

Code423n4
added 2023/01/30 12:0 a.m. · 14 views

withdrawFee() can be called multiple times by any user when quest has ended making it possible to drain contract and leave users unable to claim rewards

Lines of code Vulnerability details Impact The withdrawFee function in the Erc20Quest contract can be called multiple times. The modifier onlyAdminWithdrawAfterEnd is applied to the function which only makes it possible to call it after the end time of a quest. It should be noted that any user is...

AI score 6.8
Exploits: 0

Code423n4
added 2023/01/30 12:0 a.m. · 4 views

Minting can be called by anyone

Lines of code Vulnerability details Minting can be called by anyone Summary Modifier is wrongly implemented, so every function that uses onlyMinter will be callable by anyone. This affects: RabbitHoleTicketsmintBatch RabbitHoleTicketsmint RabbitHoleReceiptmint Vulnerability Detail Modifier has no...

AI score 7
Exploits: 0

Code423n4
added 2023/01/30 12:0 a.m. · 11 views

The onlyMinter modifier checks the wrong condition.

Lines of code Vulnerability details Impact In RabbitHoleReceipt.sol and RabbitHoleTicket.sol, receipts and tickets can be minted by anyone. Proof of Concept The first line inside the modifier can be passed without reverting for any callers. modifier onlyMinter { msg.sender == minterAddress; _; } Tools...

AI score 7
Exploits: 0

Code423n4
added 2023/01/30 12:0 a.m. · 10 views

Wrong modifier

Lines of code Vulnerability details Impact H-01 The modifier that is declared in the RabbitHoleReceipt.sol and RabbitHoleTickets.sol files has no impact and provides no protection to the methods it is used for. This modifier is used in 3 functions. Having no check would mean that this modifier will always ...

AI score 6.8
Exploits: 0

Code423n4
added 2023/01/30 12:0 a.m. · 9 views

Wrongly implemented modifier allows anybody to mint receipts.

Lines of code Vulnerability details Impact Quest rewards can be claimed by anybody without completing any task. The purpose of the RabbitHoleReceipt.onlyMinter modifier is to allow only designated addresses to mint new receipts like QuestFactory smart contract. But since the input is not validated anybody c...

AI score 6.9
Exploits: 0

Code423n4
added 2023/01/29 12:0 a.m. · 6 views

Incorrect calculation

Lines of code Vulnerability details Impact On line 119, the result of the conversion is always going to be zero. Therefore, functions that apply onlyDriver modifier will never be executed. Proof of Concept Please deploy the code below to test the modifier's broken implementation. //...

AI score 7.1
Exploits: 0

Code423n4
added 2023/01/29 12:0 a.m. · 11 views

Incorrect calculation

Lines of code Vulnerability details Impact On line 119, the result of the conversion is always going to be zero. Therefore, functions that apply onlyDriver modifier will never be executed. Proof of Concept Please deploy the code below to test the modifier's broken implementation. //...

AI score 7.1
Exploits: 0

Code423n4
added 2023/01/20 12:0 a.m. · 11 views

High Severity Reentrancy Vulnerability in stateTransition Modifier

Lines of code Vulnerability details Impact Lack of reentrancy protection in the stateTransition modifier occurs in the following line of code. modifier stateTransition(TradeStatus begin, TradeStatus end) { require(status == begin, "Invalid trade state"); status = TradeStatus.PENDING; _; assert(status ==...

AI score 6.8
Exploits: 0

Code423n4
added 2023/01/09 12:0 a.m. · 13 views

Calling execute() and executeBatch() functions in SmartAccount.sol from the EntryPoint will fail

Lines of code Vulnerability details Impact The function requireFromEntryPointOrOwner is being called within the execute and executeBatch functions to check if the msg.sender is either the owner or the EntryPoint contract, but these functions have onlyOwner modifier, which will only allow the owne...

AI score 7.2
Exploits: 0

NVD
added 2023/01/05 6:15 p.m. · 17 views

CVE-2022-43573

IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678...

CVSS 5.3 · AI score 4.5 · EPSS 0.00165
Exploits: 0 · References: 2

Positive Technologies
added 2023/01/05 12:0 a.m. · 3 views

PT-2023-14256 · IBM · IBM Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 20.12 through 21.0.6 Description: The issue allows for the exposure of the name and email for the creator/modifier of platform level objects. Recommendations: For versions 20.12 through 21.0.6, update t...

CVSS 5.3 · AI score 5 · EPSS 0.00165
Exploits: 0 · References: 6

CNNVD
added 2023/01/05 12:0 a.m. · 2 views

IBM Robotic Process Automation Information Disclosure Vulnerability

IBM Robotic Process Automation is a robotic process automation product from International Business Machines (IBM). An information disclosure vulnerability exists in IBM Robotic Process Automation versions 20.12 through 21.0.6, which stems from the platform's tendency to expose the name and email of...

CVSS 5.3 · AI score 6 · EPSS 0.00165
Exploits: 0 · References: 3

Code423n4
added 2022/12/05 12:0 a.m. · 5 views

Relayer/executor-already-set Revert in setExecutor()

Lines of code Vulnerability details Summary The setExecutor function reverts if the executor variable has already been set. Impact If the executor variable has already been set and setExecutor is called again, the transaction will fail and any gas spent on the transaction will be lost...

AI score 6.8
Exploits: 0

Code423n4
added 2022/11/14 12:0 a.m. · 9 views

The function _execute could be called externally

Lines of code Vulnerability details Author: rotcivegaf Impact The execute uses a modifier so that it can only be called internally, as also specified in the documentation of the function: Must be called internally. But this modifier can be passed if a contract calls the execute or bulkExecute and in the returnDust...

AI score 7
Exploits: 0

Code423n4
added 2022/11/13 12:0 a.m. · 10 views

internalCall modifier can be circumvented with execute / bulkExecute

Lines of code Vulnerability details Impact The internalCall modifier ensures that public functions can only be called from another public function and not directly. It is implemented like that: modifier internalCall { require(isInternal, "This function should not be called directly"); _; } The modifier...

AI score 7.2
Exploits: 0