11 matches found
Malicious code in code-transfering-3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 949a505895a5dcb808074bcddc1a084d12cfadb4b999712b48e012ad455ce817 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
curl: Multiple Vulnerabilities
Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
WhatsApp cryptocurrency scam goes for the cash prize
This weekend a scammer tried his luck by reaching out to me on WhatsApp. It’s not that I don’t appreciate it, but trust me, it’s bad for your business. I received one message from a number hailing from the Togolese Republic. WhatsApp message from an unknow sender “Jay, your financial account has...
Elevating Data Security: Key Considerations When Transferring Your Digital Workspace
By Owais Sultan Data security is vital for protecting sensitive information and maintaining trust. This is a post from HackRead.com Read the original post: Elevating Data Security: Key Considerations When Transferring Your Digital Workspace...
Malicious user can frontrun the selling or transferring of a ticket to claim the rewards
Lines of code Vulnerability details A bad actor can trick a user into buying an unclaimed ticket and frontrun the selling or transfer of the NFT to claim the rewards associated with the ticket before the original transaction. Impact Given the described scenario, a bad actor can frontrun the...
Reentrancy attack on fee transferring
Lines of code Vulnerability details Vulnerability details Description There is execute function in the Exchange smart contract. The function matches two orders, ensuring the validity of the match, transfers the order fees, etc. When transferring fees, the contract just makes a call to the...
Upgraded Q -> M from 104 [1654442859269]
Judge has assessed an item in Issue 104 as Medium risk. The relevant finding follows: Check transfer receiver is not 0 to avoid burned money Transferring tokens to the zero address is usually prohibited to accidentally avoid "burning" tokens by sending them to an unrecoverable zero address. Code...
strategy change can be prevented
Handle danb Vulnerability details strategy change requires the invested assets to be zero. anyone can make it fail by transferring aust to the strategy. --- The text was updated successfully, but these errors were encountered: All reactions...
transferFrom function can be frontrun and unusable
Handle pants Vulnerability details A malicious program can frontrun every transaction of transferFromfrom, to, amount where amount is the maximal allowance by frontrunning with transferFromfrom, to, amount/10000 and then the first transaction will fail and only amount / 10000 will be transferred...
Deposits don't work with fee-on transfer tokens
Handle cmichel Vulnerability details There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Others are rebasing tokens that increase in value over time like...
Unbounded loop in _removeNft could lead to a griefing/DOS attack
Handle shw Vulnerability details Impact Griefing/DOS attack is possible when a malicious NFT contract sends many NFTs to the vault, which could cause excessive gas consumed and even transactions reverted when other users are trying to unlock or transfer NFTs. Proof of Concept 1. The function...