CVE-2024-45477

Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenticated user, authorized to configure a Parameter Context, can enter arbitrary JavaScript code, whic...

Vulnerability affecting picoScan and multiScan

SICK has identified a Denial of Service vulnerability CVE-2025-32472 in picoScan and multiScan, which can cause the web page to become unresponsive. Due to their architectural design, these products are not affected by the other vulnerabilities listed in this advisory. Currently SICK is not aware...

PT-2024-28653 · Ibm · Ibm Engineering Lifecycle Optimization - Engineering Insights

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 through 7.0.3 Description: The issue concerns the use of a web link with untrusted references to an external site, which could allow a remote attacker to expose...

Delisted wLp still could be used for collateralization by changing position mode

Lines of code Vulnerability details Protocol governor address has the power to whitelist and delist wLp addresses using the ConfigsetWhitelistedWLps function. Only whitelisted wLp tokens are allowed to collateralize and de-collateralize users' positions: File: InitCore.sol 244: function...

increaseLiquidity/decreaseLiquidity Lack of slippage protection

Lines of code Vulnerability details Vulnerability details In ParticlePositionManager.mint, there is slippage protection by params.amount0Min / params.amount1Min But in increaseLiquidity, pool.mint will also be executed There is no slippage protection function increaseLiquidity uint256 tokenId,...

reclaimLiquidity() Malicious borrowers can force LPs to be unable to retrieve Liquidity by closing and reopening the Position before it expires.

Lines of code Vulnerability details Vulnerability details If LP wants to retrieve the Liquidity that has been lent out, it can set a renewalCutoffTime through reclaimLiquidity. If the borrower does not voluntarily close, liquidatePosition can be used to forcibly close the position after the loan...

test

Lines of code L14 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps lemme...

Unrestricted Unwrap Fee Changes: Instability, Market Disruption, and Loss of Trust

Lines of code Vulnerability details Impact The current changeUnwrapFee function in the Ocean smart contract allows the owner to change the unwrap fee divisor with no restrictions, leading to several negative impacts: 1. Unstable Unwrap Fees: Frequent changes in the divisor can cause instability a...

MEV-attack

Lines of code Vulnerability details Impact Tokens trades can be sandwiched for profit. Proof of concept The price of tokens is proportional to the supply with the current LinearBoningCurve. An attacker can therefore sandwich a buy transaction with a buy at the first lower price range followed by ...

LinearBondingCurve.log2 function contains an incorrect shift operation that could lead to wrong calculation.

Lines of code Vulnerability details Impact The values in the shift operation are reversed. The provided inline assembly code for the log2 function appears to be an issue in the sequence of shift operations. Let's break down the relevant part of the code: r := or r, byte and0x1f, shrshrr, x,...

Holder cannot claim fee

Lines of code Vulnerability details Impact Assume a user buys some shares and mints it to an NFT and sends the shares to a cold wallet for safety. The following happens: A user buys 10 shares using buy is called, the rewardsLastClaimedValue is updated to the latest holder rewards, the...

Too small deposits will result in no rsEth mint for the

Lines of code Vulnerability details Impact User will get nothing if the deposit amount is too small . Proof of Concept The getRsETHAmountToMint is for getting the conversion rate of asset to rsEth . /// @return rsethAmountToMint Amount of rseth to mint function getRsETHAmountToMint address asset,...

Switching to sales model 3 for a collection with pre-existing supply could brick the ' mint() ' function for that collection.

Lines of code Vulnerability details Impact ' Periodic sales' model cannot be used in a collection with Pre-existing supply because of how timeOfLastMint is calculated in mint function. This prevents the system from flexibly combining different sales models in a single collection as intended by th...

In the _initialize function of the ETHCrowdfundBase contract, when minTotalContributions is equal to maxTotalContributions, crowdfund will never reach its minimum goal in some specific scenarios

Lines of code Vulnerability details Impact In the initialize function of the ETHCrowdfundBase contract, when minTotalContributions is equal to maxTotalContributions, crowdfund will never reach its minimum goal in some specific scenarios. The ETH of users who contribute to this crowdfund will be...

Temporary DOS attack on users minting and redeeming big amount using EthenaMinting.sol

Lines of code Vulnerability details Impact The users redeeming and minting using EthenaMinting.sol with a large amount can be vulnerable to DOS attack. Proof of Concept There is a limit on the max amount to redeem and mint in a block. This can be crucial to the users that are minting or redeeming...

Uninitialized State Variables

Lines of code Vulnerability details Impact in The resetTmpMarketParameters function is an internal function, which means it can only be called from within the WildcatMarketController contract itself. If a child contract inherits from WildcatMarketController and calls resetTmpMarketParameters befo...

Rounding Bug in OracleLibrary.consult Impacting Pricing Accuracy and User Costs

Lines of code Vulnerability details Impact The rounding bug in the OracleLibrary.consult function has a significant impact on applications that rely on this function for price calculations, especially those involving asset swaps, collateral valuation, or other financial transactions. The bug caus...

Protocol's invariants can be broken

Lines of code Vulnerability details Impact Due to insufficient input validation to the inputs of the external function "deploySubAccount" in the SafeDeployer.sol contract,A malcious subAccount wallet can be imported,registered and then take control over other subAccounts. This can cause many...

Possibility of security vulnerabilities introduced by creating ERC20ProxyDelegator instances on the fly using static salt values

Lines of code Vulnerability details Impact Security risks associated with deploying proxy contracts via deterministic addresses that can be easily calculated. In deployProxyDelegatorIfNeeded, in the case that extcodesizeproxyAddress == 0, then a proxy contract is instantiated ad hoc via new...

DoS in System Component lead to System Failure

Lines of code Vulnerability details Impact Proof Of Concept Tools Used Recommended Mitigation Steps Assessed type DoS --- The text was updated successfully, but these errors were encountered: All reactions...