10 matches found

ATTACKERKB
added 2026/05/19 9:41 p.m., 5 views

CVE-2025-15645

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

CVSS: 5.1, AI score: 5.9, EPSS: 0.0021
Exploits: 0, References: 3
SUSE CVE
added 2025/10/16 11:38 p.m., 2 views

SUSE CVE-2025-11568

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

CVSS: 4.4, AI score: 6.8, EPSS: 0.00093
Exploits: 0, References: 6
Code423n4
added 2023/12/05 12:00 a.m., 8 views

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed.

Lines of code Vulnerability details Potest egreditur posses torrens fugamque ignavis Ubi spectemur patent prominet tenebat ait est Lorem markdownum vitam, unus cum quaeque bellique portante et siccis intremuere nondum pascere vidit. In mihi cara terra, sui regni meritasque nescia, litora vocatum...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/24 12:00 a.m., 8 views

Upgraded Q -> 3 from #839 [1698131435131]

Judge has assessed an item in Issue 839 as 3 risk. The relevant finding follows: UniV3LiquidityAMO: recoverERC721 does not, in fact, recover them. The function to recover ERC721’s found here sends them to the rDPX V2 core contract, however said contract has no function to retrieve them, rendering...

AI score: 7
Exploits: 0
Code423n4
added 2023/08/01 12:00 a.m., 12 views

Potential Loss of Rewards During Token Transfers in StaticATokenLM.sol

Lines of code Vulnerability details Impact This issue could lead to a permanent loss of rewards for the transferer of the token. During the token transfer process, the beforeTokenTransfer function updates rewards for both the sender and the receiver. However, due to the specific call order and th...

AI score: 7.1
Exploits: 0
Code423n4
added 2022/09/15 12:00 a.m., 12 views

Contracts that lock Ether

Lines of code Vulnerability details Impact When receive function, hasn't a revert all ethers send contracts will be locked forever. Proof of Concept Bob send ether to contract, funds were locked forever and Bob lost money. Tools Used manually Recommended Mitigation Steps Remove the payable...

AI score: 6.9
Exploits: 0
Code423n4
added 2022/06/18 12:00 a.m., 10 views

_sendTokenToBribesProcessor() doesn't check bribesProcessor's address. Could cause permanent loss of fund

Lines of code Vulnerability details Impact In sendTokenToBribesProcessor, it sends tokens to bribesProcessor. It seems to be ok because claimBribesFromHiddenHand will confirm that bribesProcessor is not address0. sweepRewardToken also triggers sendTokenToBribesProcessor. But it doesn’t check...

AI score: 6.8
Exploits: 0
Code423n4
added 2022/04/09 12:00 a.m., 9 views

User Who Lock Up JPEG More Than Once Will Permanently Lock Their Previous Deposited JPEG into Contract

Lines of code Vulnerability details Impact 1. Alice Request DAO to Call setNFTTypeValueETH and DAO Approved it 2. Alice Call finalizePendingNFTValueETH and External Function jpegLocker.lockFor was Called. 3. In JPEGLock.sol, Alice Transfer lockAmount = 1000 of JPEGS into the Contract and info was...

AI score: 6.9
Exploits: 0
Code423n4
added 2022/04/08 12:00 a.m., 19 views

Existing user’s locked JPEG could be overwritten by new user, causing permanent loss of JPEG funds

Lines of code Vulnerability details Details & Impact A user’s JPEG lock schedule can be overwritten by another user’s if the other user submits and finalizes a proposal to change the same NFT index’s value. The existing user will be unable to withdraw his locked JPEGs, resulting in permanent...

AI score: 6.7
Exploits: 0
Code423n4
added 2022/01/26 12:00 a.m., 11 views

Attacker can grief initial pool by providing 1 baseToken, 1 quoteToken, and manually transferring 1 baseToken

Handle camden Vulnerability details Impact Read the attack composition below. But the main criteria is that the attacker has to be the first person to provide liquidity. They can at least from my testing permanently grief a pool and make it impossible for any later person to get liquidity tokens,...

AI score: 6.6
Exploits: 0