Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Code423n4
Code423n4added 2022/12/19 12:0 a.m.9 views

Price manipulation by sending Ether

Lines of code Vulnerability details Price manipulation by sending Ether not profitable although The function Pair.price uses Pair.baseTokenReserves uses addressthis.balance or ERC20baseToken.balanceOfaddressthis. In case addressthis.balance is used when address0 is passed, there can be price...

6.9AI score
Exploits0
Code423n4
Code423n4added 2022/11/06 12:0 a.m.10 views

Double spending risk in L1 Bridge Contract

Lines of code Vulnerability details Impact There is double spending risk in L1 Bridge Contract. The user may call claimFailedDeposit to release their locked fund while they still have token balance in L2 network. Proof of Concept Let us focus on the L1ERC20Bridge.sol /// @dev Withdraw funds from...

7AI score
Exploits0
Github Security Blog
Github Security Blogadded 2022/08/18 7:4 p.m.31 views

Ethermint vulnerable to DoS through unintended Contract Selfdestruct

Vulnerability Report Impact Smart contract applications that make use of the selfdestruct functionality and their end-users. Classification The vulnerability has been classified as high with a CVSS score of 8.2. It has the potential to create a denial-of-service to all contracts that can invoke t...

8.2CVSS5.6AI score0.00149EPSS
Exploits1References5Affected Software4
Code423n4
Code423n4added 2021/12/20 12:0 a.m.11 views

Zap contracts vulnerable to DoS

Handle shenwilly Vulnerability details Impact If the zap contract has a non-zero balance of vault token then users won't be able to mint that particular vault. This is because the minting functions only check if the minted token is equal to the current balance inside the contract, which will alwa...

6.8AI score
Exploits0
Code423n4
Code423n4added 2021/12/12 12:0 a.m.15 views

Allowing more than 256 epochs leads to loss of funds

Handle cmichel Vulnerability details The TwabRewards contract has an implicit restriction of 256 epochs per promotion as it uses a bitmask in a uint256 to mark claimed epochs 0-255, see isClaimedEpoch. "/// @dev We pack epochs claimed by a user into a uint256. So we can't store more than 255...

6.9AI score
Exploits0
Code423n4
Code423n4added 2021/11/18 12:0 a.m.12 views

function mint() No Tokens Will be Transfer to _recipient

Handle Meta0xNull Vulnerability details Impact mintrecipient, amount; At the end of mint, mint seems like responsible to transfer tokens to recipient but there is no code no function of mint in this contract. Thus No Tokens Will be Transfer to recipient. recipient who do not Receive Their Tokens...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2018/04/26 12:0 a.m.64 views

New batchOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018–10299)

Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based ERC-20 token transfers. Specifically, our system will automatically send out alerts if any suspicious transactions e.g., involving unreasonably large tokens occur. In...

7.2AI score0.012EPSS
Exploits2
Rows per page
Query Builder