7 matches found
EUVD-2021-24038
Malware in sbrugna...
The vulnerability of Intel Core Ultra microprogramming software, related to performing actions in the wrong order, allows a perpetrator to disclose protected information.
The vulnerability of Intel Core Ultra microprogramming software relates to the execution of actions in the wrong order. Exploiting this vulnerability can allow an attacker to disclose protected information...
Trader can still execute the order even after cancelling the order
Lines of code Vulnerability details Impact There are no checks to verify whether the order has been cancelled or not in execute function. This will enable traders to place the order even after cancellation Proof of Concept Execute cancelOrder function with Order data Include the Order in input of...
A cancelled order can be executed again by the order creator.
Lines of code Vulnerability details Impact A cancelled order can be executed again by the order creator. While validating the signature, it doesn't check any conditions when order.order.trader == msg.sender here so the already cancelled/filled orders can be executed again when the caller increase...
Buyer may not agree on gasCost
Lines of code Vulnerability details Impact Gas cost when matching orders is payed by the buyer. Since buyers don't have control on order execution, they may spend more gas than what they are willing to. Examples: periods of high gasPrice, or if NFTs for some reason consume a extra amount of gas...
CloudBees Jenkins Competitive Conditions Vulnerability (CNVD-2018-02836)
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . A...
CPU hardware vulnerable to side-channel attacks
Overview CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre. Description CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take...