5 matches found
EUVD-2020-29818
Malware in sbrugna...
CVE-2020-8988
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers after using root access to make a copy of the local database to discover login credentials and voting history via an offline brute-force approach...
It's possible to block some user from voting for (or against) some proposal
Lines of code Vulnerability details Note: Although some code involved is inside a contract which is out of scope, I argue that this finding is in scope, since the vulnerability exists in the in-scope contract. In the Arcade protocol, there are several voting vaults implemented so that users can u...
CVE-2020-8988
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers after using root access to make a copy of the local database to discover login credentials and voting history via an offline brute-force approach...
Design/Logic Flaw
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers after using root access to make a copy of the local database to discover login credentials and voting history via an offline brute-force approach...