4 matches found
CVE-2025-54648
CVE-2025-54648 describes an out-of-bounds read in the SSAP module of the Huawei HarmonyOS NearLink protocol stack. The vulnerability affects the NearLink SSAP component and, if exploited, may impact availability. The primary sources (NVD, Red Hat, CNVD and related feeds) consistently state availa...
Pool: The EMERGENCY state cannot be recovered
Lines of code Vulnerability details Impact The owner can call Pool.adminAction to set the Pool contract state to EMERGENCY, and in the EMERGENCY state, no liquidity can be added or transferred, and no swaps can be made. However, the Pool contract does not have a function to recover the EMERGENCY...
queue(), execute(), cancel() and veto() can run out of gas and revert due to out of bound loops
Lines of code Vulnerability details Impact The functions queue, execute, cancel and veto contain unbounded loops, which can cause transactions to consume more gas than the block limit run out of gas and revert. Since these functions are critical for the proposals flow, this could impact the...
Well-Funded Sponsors Can Severely Inhibit The Availability Of The Protocol
Handle leastwood Vulnerability details Impact Any user is allowed to sponsor a vault by depositing tokens, thereby bootstrapping the vault's initial assets used in the strategy contract. A percentage of these assets are invested in the Anchor protocol by bridging UST from Ethereum to the Terra...