Lucene search
K

9 matches found

Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.6 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/06 7:57 p.m.7 views

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

9.1CVSS5.8AI score
Exploits0References2
The Hacker News
The Hacker News
added 2024/10/15 2:43 p.m.11 views

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.7 views

Reentrancy vulnerability in USDO.flashLoan() function

Lines of code Vulnerability details Impact The reentrancy vulnerability in the USDO contract could allow an attacker to withdraw funds from the contract even if the original contract has not yet approved the withdrawal. This could result in a loss of funds for the USDO contract and its users. Pro...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.11 views

Lack of expiration time for cross-chain message passing

Lines of code Vulnerability details Lack of expiration time for cross-chain message passing Summary Lack of expiration time for cross-chain message passing Vulnerability Detail In the current implementation, the L1CrossDomainMessagern.sol inherits from CrossDomainMessager.sol and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/07/14 12:0 a.m.7 views

unpaused(p) modifier missing in authRedeem function

Lines of code Vulnerability details Impact Due to missing modifier, User will be able to redeem zcTokens and withdraw underlying even in paused Market. This happens due to missing unpausedp modifier Proof of Concept 1. Lets see function definition for authRedeem function function authRedeemuint8 ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/03/31 12:0 a.m.11 views

[WP-M10] Lack of access control allow anyone to withdrawInterest() for any lender

Lines of code Vulnerability details function withdrawInterestuint256 id, address lender external nonReentrant withdrawInterestid, lender; function withdrawInterestuint256 id, address lender internal address strategy = pooledCLConstantsid.borrowAssetStrategy; address borrowAsset =...

6.8AI score
Exploits0
Rows per page
Query Builder