Lucene search
K

334 matches found

Code423n4
Code423n4
added 2023/11/13 12:0 a.m.7 views

Artist Royalty Split Proposal Functionality Missing

Lines of code Vulnerability details Impact The protocol's documentation specifies that royalty splits can be proposed by the artist and accepted by the admin. However, the MinterContract does not implement the functionality for artists to propose royalty splits. This inconsistency between the...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.19 views

The 51% majority can hijack the party's precious tokens through an arbitrary call proposal if the AddPartyCardsAuthority contract is added as an authority in the party.

Lines of code Vulnerability details Pre-requisite knowledge & an overview of the features in question 1. The AddPartyCardsAuthority contract: The AddPartyCardsAuthority contract is a contract designed to be integrated into a Party and it has only one purpose, and it is to mint new party governanc...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.10 views

Host(s) + majority can steal assets of minority+other hosts without any option for minority(+otherhosts) to ragequit.

Lines of code Vulnerability details Impact The ragequit functionality is put in place to protect the rights of the minority, who are not in support of a proposal, and allow them to withdraw their share of assets and exit the party. In some cases, minority will not have the opportunity to ragequit...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.6 views

A single host can approve a proposal for all other hosts in the Party

Lines of code Vulnerability details Summary A single host can approve a proposal by transferring the host role to dummy accounts and voting again to increment the number of approvals. Impact When a proposal is created in a Party, the number of active hosts is snapshotted in the proposal state...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.10 views

In parties with more than one host, a single host can bypass the execution delay of a proposal by transferring his host status to other addresses of his.

Lines of code Vulnerability details The Vulnerability After a proposal has gathered enough votes to pass, it waits through a period defined in the governance values named executionDelay. That executionDelay period is bypassed and the proposal can be executed immediately if ALL hosts of the party...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.9 views

Attacker can take over and hijack any and every asset of a party initialized with the governance value distributionsRequireVote set to false, through the utilization of a flash loan.

Lines of code Vulnerability details Pre-requisite knowledge & an overview of the features in question 1. The distributionsRequireVote flag: The distributionsRequireVote flag is a governance value flag set to false by default in the governance values. It determines whether or not a party member ca...

7.5AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.7 views

A single host can vote on a proposal, then abdicate to another address and vote again to wrongly increase numHostsAccepted, and make a proposal ready for execution against the desire of the other hosts

Lines of code Vulnerability details Impact Protocol's intended functionality is: If all hosts accept a passed proposal, then veto period for that proposal will be skipped, and Proposal will immediately be "Ready" for execution. Note that the requirement is "ALL HOSTS accept a proposal", but a...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.7 views

Vote power can be manipulated to propose and/or pass needed proposals

Lines of code Vulnerability details Impact The PartyGovernance contract is susceptible to vote manipulation, as an attacker could potentially acquire a substantial loan, even without collateral, within a single block before submitting a proposal. The voting process solely considers this particula...

7.5AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/10/24 11:0 a.m.27 views

A Controversial Plan to Scan Private Messages for Child Abuse Meets Fresh Scandal

An EU government body is pushing a proposal to combat child sexual abuse material that has significant privacy implications. Its lead advocate is making things even messier...

6.9AI score
Exploits0
NVD
NVD
added 2023/09/15 8:15 p.m.32 views

CVE-2023-41880

Wasmtime is a standalone runtime for WebAssembly. Wasmtime versions from 10.0.0 to versions 10.02, 11.0.2, and 12.0.1 contain a miscompilation of the WebAssembly i64x2.shrs instruction on x8664 platforms when the shift amount is a constant value that is larger than 32. Only x8664 is affected so a...

5.3CVSS4.3AI score0.00605EPSS
Exploits0References5
Prion
Prion
added 2023/09/15 8:15 p.m.21 views

Design/Logic Flaw

Wasmtime is a standalone runtime for WebAssembly. Wasmtime versions from 10.0.0 to versions 10.02, 11.0.2, and 12.0.1 contain a miscompilation of the WebAssembly i64x2.shrs instruction on x8664 platforms when the shift amount is a constant value that is larger than 32. Only x8664 is affected so a...

5CVSS5.4AI score0.00605EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/15 7:43 p.m.20 views

CVE-2023-41880 Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64

Wasmtime is a standalone runtime for WebAssembly. Wasmtime versions from 10.0.0 to versions 10.02, 11.0.2, and 12.0.1 contain a miscompilation of the WebAssembly i64x2.shrs instruction on x8664 platforms when the shift amount is a constant value that is larger than 32. Only x8664 is affected so a...

2.2CVSS7.1AI score0.00605EPSS
Exploits0References5
CVE
CVE
added 2023/09/15 7:43 p.m.71 views

CVE-2023-41880

CVE-2023-41880 affects Wasmtime on x86_64 where a miscompilation of the WebAssembly i64x2.shr_s instruction occurs for constant shift amounts greater than 32. Versions 10.0.0 through 10.0.2, 11.0.2, and 12.0.1 contain the issue; patch versions 10.0.2, 11.0.2, and 12.0.2 fix it (11.0.2 and 12.0.2 ...

5.3CVSS4.7AI score0.00605EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2023/09/14 7:33 p.m.37 views

Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64

Impact Wasmtime versions from 10.0.0 to 12.0.1 contain a miscompilation of the WebAssembly i64x2.shrs instruction on x8664 platforms when the shift amount is a constant value that is larger than 32. Only x8664 is affected so all other targets are not affected by this. The miscompilation results i...

5.3CVSS4.6AI score0.00605EPSS
Exploits0References8Affected Software1
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.11 views

Malicious user can prevent the creation of a proposal

Lines of code Vulnerability details Vulnerability Detail The LivepeerGovernor inherits OpenZeppelin's GovernorUpgradeable contract. The GovernorUpgradeable utilizes the hashProposal function to generate a unique hash when creating a new proposal. The hash depends solely on input parameters:...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.11 views

[H-01] GovernorCountingOverridable.castVoteBySig()/castVoteWithReasonAndParamsBySig(): Possible signature replay attacks to influence proposal execution

Lines of code Vulnerability details Impact In the GovernorCountingOverridable.sol inherited by LivePeerGovernor.sol, users can provide a signature to allow someone else to vote on their behalf using the castVoteBySig/castVoteWithReasonAndParamsBySig function since this functions are not overriden...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.9 views

Malicious actor can remove anyone's vote

Lines of code Vulnerability details Impact The GovernorCountingOverridable contract of the protocol is used to record the governance votes for different proposals and it allows the users to delegate their voting power to anyone. The handleVoteOverrides in the GovernorCountingOverridable contract...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.8 views

SecurityCouncilMemberElectionGovernor propose() function is not properly restricted

Lines of code Vulnerability details summary The propose function in the SecurityCouncilMemberElectionGovernor contract is not properly restricted. This means that any user can call it, including attackers. Description The propose function in the SecurityCouncilMemberElectionGovernor contract is...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.9 views

SecurityCouncilMemberElectionGovernor Owner Can Change votingPeriod During an Active Election

Lines of code Vulnerability details Impact In SecurityCouncilMemberElectionGovernor contract : relay function enables the contract owner from making calls to any contract address. And in SecurityCouncilMemberElectionGovernorCountingUpgradeable contract: setFullWeightDuration can be accessed only ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.11 views

Consider Disabling Inherited _cancel Function In The Governor Contracts

Lines of code Vulnerability details Impact The currently used openzeppelin upgradeable contracts dependency @openzeppelin/contracts-upgradeable is v4.7.3 The security council management contracts are inheriting the openzeppelin GovernorUpgradeable contracts to manage proposals. This version of...

6.7AI score
Exploits0
Rows per page
Query Builder