3 matches found
TOFT in (m)TapiocaOft contracts can be stolen by calling removeCollateral() with a malicious removeParams.market
Lines of code Vulnerability details Impact The TOFT available in the TapiocaOFT contract can be stolen when calling removeCollateral with a malicious market. Proof of Concept mTapiocaOFT inherit BaseTOFT, which has a function removeCollateral that accepts a market address as an argument. This...
[WP-H3] Proxy admin of the upgradeable proxy contracts can steal _borrowAsset and collateralAsset from the contracts and users' wallet
Lines of code Vulnerability details Both LenderPool and PooledCreditLine are upgradeable contract that holds users' allowances, and in certain periods, LendingPool will be holding users' funds. Use of Upgradeable Proxy Contract Structure allows the logic of the contract to be arbitrarily changed...
Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations
If your business operations and security of sensitive data rely on Oracle's E-Business Suite EBS , make sure you recently updated and are running the latest available version of the software. In a report released by enterprise cybersecurity firm Onapsis and shared with The Hacker News, the firm...