CVE-2023-53847

CVE-2023-53847 affects the Linux kernel usb-storage alauda subdriver. The root cause is alauda_check_media() using USB transfer data without verifying transfer success, risking uninitialized data usage; a related issue exists in alauda_get_media_status(). The fix adds a check for transfer success...

PT-2025-40639

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s ksmbd component contains a flaw related to the handling of smb direct data transfer structures. Specifically, the data offset and data length fields are not properly...

CommunityIssuance doesn't check the return value of OathToken.transferFrom() and OathToken.transfer()

Lines of code Vulnerability details Impact The function CommunityIssuance.fund calls OathToken.transferFrom but doesn't check the return value, which indicates whether the transfer succeeded or failed. Similarly, the function CommunityIssuance.sendOath calls OathToken.transfer but doesn't check t...

Lack of check for contract existance can cause loss of funds during transfers

Lines of code Vulnerability details Impact The current transfers will not check if the to address is for an existing token contract. This can cause loss of funds if an user attempts to make a swap for a tokens added to a pool and destructed later. Proof of Concept TokenA gets added to a pool The...

Solana Pay Vulnerable to Weakness in Transfer Validation Logic

Description When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied validateTransfer function. An edge case regarding this mechanism could cause the validation logic to validate multiple...

GHSA-J47C-J42C-MWQQ Solana Pay Vulnerable to Weakness in Transfer Validation Logic

Description When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied validateTransfer function. An edge case regarding this mechanism could cause the validation logic to validate multiple...

CVE-2022-35917

Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient...

CVE-2022-35917 Weakness in Transfer Validation Logic in @solana/pay

Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient...

CVE-2022-35917 Weakness in Transfer Validation Logic in @solana/pay

Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient...

lack of validating transfer of tokens entered by the user

Lines of code Vulnerability details Impact As we have not defined the implementation of note, it should be validated that note.transferrecipient, amount returns true. This is important, since the transaction could not be carried out and the function executed as correct. In the comments of the cod...

ERC20 transfer might fail

Handle hack3r-0m Vulnerability details while withdrawing incentives, the contract does not check if erc20 transfer was successful or not, if due to minor rounding error at 17th/18th decimal place, which is possible and the contract does not have enough token to make the transfer and hence false i...

Use SafeTransfer/TransferHelper for BadgerYieldSource

Handle adelamo Vulnerability details Impact The Badger token will not throw an exception if transfer/transferFrom is unsuccessful. So we could use TransferHelper/SafeTransfer in order to run the validation everything went fine. //...