Lucene search
K

10 matches found

EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-140263

Malicious code in miands-minst-vusd npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.2 views

Malicious code in minds-minst-vusd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5ec720a815a6d199b32826accfd7a1addfd7bfc140c480606584311cdcde954 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-140125

Malicious code in minds-natudfa-vusd npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-140127

Malicious code in minds-minst-vusd npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/12 7:18 p.m.1 views

MAL-2025-176136 Malicious code in minds-minst-vusd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5ec720a815a6d199b32826accfd7a1addfd7bfc140c480606584311cdcde954 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/13 5:30 p.m.3 views

Malicious code in vusd-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d7ab0e73da32b556aaa23c99dbb37d948aad1d628eb6286ac8069e1df5bf79e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/09/13 5:30 p.m.3 views

MAL-2025-47108 Malicious code in vusd-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d7ab0e73da32b556aaa23c99dbb37d948aad1d628eb6286ac8069e1df5bf79e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.14 views

Assets sent from MarginAccount to InsuranceFund will be locked forever

Lines of code Vulnerability details Impact Assets sent from MarginAccount to InsuranceFund will be locked forever Proof of Concept The insurance fund doesn't have a way to transfer non-vusd out of the contract. Assets transferred to the InsuranceFund will be locked forever. Mitigation Have a way...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/02/21 12:0 a.m.11 views

Withdrawals can be spammed and other users blocked

Lines of code Vulnerability details Impact The VUSD.processWithdrawals function only performs maxWithdrawalProcesses actually maxWithdrawalProcesses + 1 iterations per call. Withdrawals can be freely spammed by a griefer calling burnamount with a zero amount. All future withdrawals are blocked...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/21 12:0 a.m.14 views

Griefing attack at VUSD withdraw queue is possible

Lines of code Vulnerability details Impact A malicious user can make lots of withdrawal requests to fill up the queue, making VUSD withdrawals unreachable for all other users Proof of Concept There is no control of the size or number of the withdrawal requests, and VUSD will burn even 1 wei amoun...

6.8AI score
Exploits0
Rows per page
Query Builder