Lucene search
K

15 matches found

NVD
NVD
added 2025/09/23 2:15 a.m.5 views

CVE-2025-42907

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...

4.3CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/23 1:58 a.m.4 views

CVE-2025-42907 Server-Side Request Forgery in SAP BI Platform

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...

4.3CVSS6.3AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.4 views

PT-2025-39106

Name of the Vulnerable Software and Affected Versions SAP BI Platform affected versions not specified Description An attacker can modify the IP address within the LogonToken associated with OpenDoc. Accessing the modified link in a web browser may redirect a ping request to a different server. Th...

4.3CVSS6.2AI score0.00204EPSS
Exploits0References6
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.7 views

Lack of Validation and Potential Overflow in _fetchInteractionId Function

Lines of code Vulnerability details Impact The lack of validation on interactionType could allow invalid values, potentially leading to unexpected interaction IDs. Additionally, if interactionType exceeds 8 bits, it could cause an overflow issue, potentially altering the token address within the...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/10/26 12:0 a.m.93 views

Solmate safetransfer and safeTransferFrom do not check the code size of the token address, which may lead to loss of funds

Lines of code Vulnerability details Impact WildcatMarketWithdrawals, WildcatMarketController, WildcatMarket contracts use Solmate safetransfer and safeTransferFrom functions. However, these functions don't check the existence of code at the token address. This is a known issue while using solmate...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/10/26 12:0 a.m.68 views

safeTransferFrom Does Not Check for Code at the Token Address

Lines of code Vulnerability details Impact The solady safeTransferFrom does not check for code at a token address before transferring. This can result in a deposit being made in a selfdestructed token or an embryonic token such as one that can be created from another chain's bridge without the us...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.7 views

anyone with valid token address can create DOS for accrueInterest() in prime.sol

Lines of code Vulnerability details Impact anyone or attacker with valid token address can create DOSdenial of service for accrueInterest and functions using accrueInterest in prime.sol Proof of Concept a function accrueTokens in PrimeLiquidityProvider.sol has visibility pubic,it means anyone can...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/04/17 9:2 p.m.7 views

CVE-2023-30543 `chainId` may be outdated if user changes chains as part of connection in @web3-react

@web3-react is a framework for building Ethereum Apps . In affected versions the chainId may be outdated if the user changes chains as part of the connection flow. This means that the value of chainId returned by useWeb3React may be incorrect. In an application, this means that any data derived...

5.2CVSS5.5AI score0.00378EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.5 views

ClearingHouse can pass in a malicious payment token

Lines of code Vulnerability details Impact vault loss assets Proof of Concept When the auction is successful the NFT is transferred to the bidder and seaport calls ClearingHouse.safeTransferFrom to trigger the repayment of the debt through the conduit mechanism ClearingHouse.safeTransferFrom -...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/21 12:0 a.m.14 views

SOLMATE SAFETRANSFER AND SAFETRANSFERFROM DOES NOT CHECK THE CODESIZE OF THE TOKEN ADDRESS, WHICH MAY LEAD TO FUND LOSS

Lines of code Vulnerability details Impact Reference from a previous Contrest : In uniswapV3SwapCallback and sendPaprFromAuctionFees the safetransfer and safetransferfrom doesn’t check the existence of code at the token address. This is a known issue while using solmate’s libraries. Hence this ma...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/08 12:0 a.m.29 views

Actor can input malicious data in the swap function inputs

Lines of code Vulnerability details Impact Function swap has a data input parameter, which can be defined by the caller. Any user could therefore define a token address that they will send. By doing so user could create their own token and send it instead of tokenA and receive tokenB for free. By...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.20 views

Solmate saftransfer and safetransferfrom does not check the codesize of the token address, which may lead to fund loss

Lines of code Vulnerability details In PirexGmx.sol and ERC4626Vault.sol, the contract uses the solmate library which does not check the existence of code at the token address. This is a known issue when using solmate's libraries. Reference: Impact Possible loss of funds and miscalculation. Proof...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.14 views

Solmate safetransfer and safetransferfrom doesnot check the codesize of the token address, which may lead to fund loss

Lines of code Vulnerability details Impact In bid function, the safetransferfrom function doesn't check the existence of code at the token address. This is a known issue while using solmate's libraries. Hence this may lead to miscalculation of funds and may lead to loss of funds , because if...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.6 views

Providing the same address for the "base" and the "quote" tokens creates a risk of fund loss for the seller.

Lines of code Vulnerability details Impact The "createAuction" function requires the seller to input the address of a base and a quote token. However, there is no statement that checks whether or not these two provided addresses are the same. As a result, the seller could accidentally fill in an...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/09 12:0 a.m.10 views

in depositErc20 - no check that token address != NATIVE

103 comment Warden: CertoraInc The depositErc20 doesn't have any check that the given token address doesn't equal to the NATIVE address in this case the user should use the depositNative function. This is a needed check, it can be seen also in the withdrawErc20GasFee, so it needs to be applied in...

6.8AI score
Exploits0
Rows per page
Query Builder