7 matches found

Code423n4
•added 2023/12/19 12:0 a.m.•26 views

Unsafe use of approve() with IERC20

Lines of code 321, 215, 184, 450, 761, 217, 157, 234, 339, 386 https://github.com/Tapioca-DAO/t...

AI score: 7.3
Exploits: 0

Code423n4
•added 2023/07/05 12:0 a.m.•8 views

_normalizeDecimals() Wrong calculation formula

Lines of code Vulnerability details Impact Wrong decimal place conversion, resulting in wrong quantity Proof of Concept in callOutSignedAndBridge The number of tokens will be converted to 18 decimal when packedData is performed. function callOutSignedAndBridgebytes calldata params, DepositInput...

AI score: 6.9
Exploits: 0

Code423n4
•added 2023/03/07 12:0 a.m.•8 views

_computeRewardsPerUnitStaked() may overflow

Lines of code Vulnerability details Impact no judgment that lastLUSDLossErrorOffset!=0, but debtToOffset is 0 computeRewardsPerUnitStaked may overflow Proof of Concept Use lastLUSDLossErrorOffset in the computeRewardsPerUnitStaked method to store the last excess The code is as follows: function...

AI score: 7.3
Exploits: 0

Code423n4
•added 2022/08/27 12:0 a.m.•10 views

Check the return of .call when sending Ether

Lines of code Vulnerability details Impact It's considered a best practice to always check the return of the transaction when sending Ether with .call, since it's possible for a tx failure due to external factors out of the contract control. Currently, the contract emits an event with the result...

AI score: 6.7
Exploits: 0

Code423n4
•added 2022/08/06 12:0 a.m.•8 views

Project.changeOrder() might reinitialize already completed task.

Lines of code Vulnerability details Impact changeOrder can be used to change subcontractor. But if a project builder approves the signature by fault or the contractor is delegated, a malicious contractor and subcontractor might reinitialize an already completed task and complete again to receive...

AI score: 6.9
Exploits: 0

Code423n4
•added 2022/05/05 12:0 a.m.•14 views

The ownership context is too centralized leaving room for other attack surfaces

Lines of code Vulnerability details Impact The ownership context is too centralized leaving room for other attack surfaces and leaving impression of distrust for the participants. Proof of Concept Almost all of the functions have onlyOwner modifier which allows accessing all the vital points of t...

AI score: 7.1
Exploits: 0

Prion
•added 2021/07/01 3:15 a.m.•11 views

Code injection

Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a code change...

CVSS: 6.8, AI score: 7.7, EPSS: 0.00221
Exploits: 1, References: 3, Affected Software: 1