Lucene search
K

20 matches found

Code423n4
Code423n4
added 2023/12/19 12:0 a.m.11 views

The owner is a single point of failure and a centralization risk

Lines of code 56, 109, 127, 172, 219, 250, 115, 131, 154, 116, 131https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/12/12 12:0 a.m.12 views

The owner is a single point of failure and a centralization risk

Lines of code 56, 109, 127, 172, 219, 250, 115, 131, 154, 116, 131https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/12/12 12:0 a.m.6 views

The owner is a single point of failure and a centralization risk

Lines of code 56, 109, 127, 172, 219, 250, 115, 131, 154, 116, 131https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/29 12:0 a.m.8 views

The owner is a single point of failure and a centralization risk

Lines of code 56, 109, 127, 172, 219, 250, 115, 131, 154, 116, 131https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.9 views

The onlySeaport is a single point of failure and a centralization risk

Lines of code Vulnerability details Impact The onlySeaport holds a lot of power within the system, which can compromise the system integrity and it's permission-less nature. Having a single EOA as onlySeaport is a large centralization risk and a single point of failure. A single private key may b...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/07/13 12:0 a.m.9 views

The admin is a single point of failure and a centralization risk

Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Consider...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/06/16 12:0 a.m.16 views

Upgraded Q -> 2 from #16 [1686928129422]

Judge has assessed an item in Issue 16 as 2 risk. The relevant finding follows: L-3 onlyOwner single point of failure Impact The onlyOwner role has a single point of failure and onlyOwner can use critical a few functions. Even if protocol admins/developers are not malicious there is still a chanc...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/16 12:0 a.m.13 views

Upgraded Q -> 2 from #66 [1686923855595]

Judge has assessed an item in Issue 66 as 2 risk. The relevant finding follows: L-13 The owner is a single point of failure and a centralization risk Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.16 views

The owner is a single point of failure and a centralization risk

Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Similar...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.8 views

Stader OPERATOR is single point of failure

Lines of code Vulnerability details Impact The OPERATOR role holds a lot of power within the system, which can compromise the both the system integrity and it's permission-less nature. Proof of Concept The OPERATOR key is responsible for confirming marking each validator submitted key as either...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.12 views

The owner is a single point of failure and a centralization risk.

Lines of code Vulnerability details Impact & Vunerability Details. Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure, as this contract's owner can perform roles of high importance to the protocol. A single private key may be taken in a...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/08 12:0 a.m.14 views

The owner is a single point of failure and a centralization risk (06 Instances)

Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Tools Used...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/09 2:9 p.m.109 views

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices

A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things IIoT devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology OT environments. "Threat actors can exploit...

10CVSS1.1AI score0.1228EPSS
Exploits3
Code423n4
Code423n4
added 2022/11/17 12:0 a.m.7 views

Upgraded Q -> M from #209 [1668684399391]

Judge has assessed an item in Issue 209 as M risk. The relevant finding follows: SINGLE POINT OF FAILURE --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.11 views

A single point of failure is not acceptable for this project

Lines of code Vulnerability details Impact The pause function on WardenPledge.sol has a single point of failure and onlyOwner can stop all project. Owner is not behind a multisig and changes are not behind a timelock.This information hasnt got in documents Even if protocol admins/developers are n...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/09 12:0 a.m.5 views

Rugpull vector : a single admin address can withdraw all funds

Lines of code Vulnerability details Impact Someone with access to admin keys could rug pull all funds Proof of Concept The gravity.sol contract should work as an escrow to mint equivalent tokens in the cosmos chain. This is maintained by a system of validators. The possible decentralization of th...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Admin is a single-point of failure without any mitigations

Handle 0xRajeev Vulnerability details Impact Admin role has absolute power across Swivel, Marketplace and VaultTracker contracts with several onlyOwner functions. There is no ability to change admin to a new address or renounce it which is helpful for lost/compromised admin keys or to delegate...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/07 2:11 p.m.235 views

Why I Love (Breaking Into) Your Security Appliances

Amid the Colonial Pipeline and JBS ransomware attacks that sparked shockwaves among media worldwide, news broke that attackers were able to compromise Colonial Pipeline through a legacy VPN account. The account lacked multifactor authentication MFA and wasn’t in active use within the business, a...

10CVSS9.7AI score0.04362EPSS
Exploits1References8
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/03/26 10:21 a.m.40 views

Business banking fraud. Keep your eggs in TWO baskets. Here’s why…

This post has a cautionary tale all about spreading your business banking fraud risk. So, does your business have two bank accounts, with different banks? No? Then you would be well advised to do so, or risk being left unable to trade. WHY? Business banking ‘cyber’ fraud is increasingly common; I...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2014/07/16 1:40 p.m.14 views

Microsoft Passwords Research on Re-Use

Forget what you’ve been told about password re-use and weak credentials. If we’re to believe collaborating researchers from Microsoft and Carelton University, neither is such a bad idea. Flying in the face of conventional pleading from experts that “password” is a bad password, new research puts...

0.1AI score
Exploits0References3
Rows per page
Query Builder