EUVD-2023-54494

Malicious code in bioql PyPI...

Contrary to sponsor's intent, the gauge's weight will not be updated properly if governance do not change weight before any voting

Lines of code Vulnerability details Impact This is the intended procedure based on Sponsor's answer in discord: Q: when we add new gauge we don't set any weight point or any data for it, did the new gauge will get the weight and power by time when users vote for it ?! A: Yes, the idea is that the...

GaugeController allows for quick vote and withdraw voting strategy

Lines of code Vulnerability details Summary The GaugeController voting can be abused to apply all of the user's weight in every gauge's vote. GaugeController's voting changes the weight of the gauge. Each user can split their voting weight power between the gauges function...

Unfixed Redirect vulnerability at www.toprakforum.org

Security researcher Narcoticxs, has submitted on 30/09/2007 a Redirect vulnerability affecting www.toprakforum.org, which at the time of submission ranked 2814497 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2007. It is currently...