128 matches found
CVE-2024-26937 drm/i915/gt: Reset queue_priority_hint on parking
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...
@jup-ag/core (>=3.0.0-beta.0 <=3.0.0-beta.8-eacba78), @jup-ag/react-hook (>=3.0.0-beta.0 <=3.0.0-beta.8-eacba78) +7 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.63.0 <=1.63.1)
@solana/web3.js NPM version =1.63.0, =3.0.0-beta.0, =3.0.0-beta.0, =0.0.1-0d5b39f4.0, =0.0.1-0f199db9.0, =4.0.0-maple-1, =0.1.0, =1.4.8, =1.0.0, =1.7.1-alpha.4 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...
CVE-2024-29375
CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name inside Input Triangles and Yield Curve Name parameters...
Addactis IBNRS 安全漏洞
Addactis IBNRS is a non-life insurance solution from Addactis. A security vulnerability exists in Addactis IBNRS version v.3.10.3.107, which stems from a vulnerability that allows remote attackers to execute, via a crafted .ibnrs file, the Project Description, Identifiers, Custom Triangle Name, a...
PT-2024-22870 · Addactis · Addactis Ibnrs
Name of the Vulnerable Software and Affected Versions: Addactis IBNRS version 3.10.3.107 Description: The issue allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name inside Input Triangles, and Yield Curve Name...
CVE-2024-29375
Addactis IBNRS v3.10.3.107 is affected by a CSV Injection vulnerability that lets an attacker craft a .ibnrs file to inject content into Project Description, Identifiers, Custom Triangle Name, and Yield Curve Name, enabling remote arbitrary code execution. The CVSS 3.1 base score is 9.8 (CRITICAL...
CVE-2024-29375
CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name inside Input Triangles and Yield Curve Name parameters...
Malicious code in yield-api-documentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd5cbdb7d4a993fa1eaa24b6a76752bcaef2b40f325168ed535651ab0b116a48 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-20 Malicious code in yield-api-documentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd5cbdb7d4a993fa1eaa24b6a76752bcaef2b40f325168ed535651ab0b116a48 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
A user with SOFT_RESTRICTED_STAKER_ROLE can earn yield.
Lines of code Vulnerability details Impact Any user blacklisted with SOFTRESTRICTEDSTAKERROLE role can earn yield by buying stUSDe token from open market and unstake stUSDe for USDe token on the StakedUSDeV2.sol contract. Proof of Concept The unstake function calls the internal withdraw function...
Lack of functionality to distribute the yield to the USDe stakers.
Lines of code Vulnerability details Impact User will not get the benefit of the yield which is output of their USDe staking. Outcome of yield is the core feature of staking. we are submitting this as high. Proof of Concept An user who is not black listed is allowed to stake their USDe by calling...
M-22 Unmitigated
Lines of code Vulnerability details Comments The underlying yield vaults used by the V5 vaults usually round down shares received when depositing. As a result, if the Vault deposits to an underlying yield vault that has already issued shares, it is possible that a deposit could be rounded down to...
ConvexTriCryptoStrategy might not compound all rewards
Lines of code Vulnerability details Impact When compounding in ConvexTriCryptoStrategy, the number of tokens that is swapped into wETH does not account for extraRewards and tokenRewards. This can cause a loss of yield and rewards to be lost. Proof of Concept In ConvexTriCryptoStrategy.executeClai...
Yearn Stragety tolerant 0 loss, which is too strict and can block withdraw
Lines of code Vulnerability details Impact Yearn Stragety tolerant 0 loss, which is too strict Proof of Concept When withdraw from Yearn Stragety result = vault.withdrawtoWithdraw, addressthis, 0; @param maxLoss The maximum acceptable loss to sustain on withdrawal. Defaults to 0.01%. If a loss is...
M-06 Unmitigated
Lines of code Vulnerability details Original Issue code-423n4/2023-06-angle-findings13 Details This issue shows users may lose a portion of yield when protocolSafetyFee and vestingPeriod are changed. As mitigation, it recommends accruing interests before those parameters are changed. Mitigation P...
Malicious Yield Vault could deny Pool Together withdrawing assets
Lines of code Vulnerability details Impact Since vaults can be created by anyone as long as they provide an ERC-4626 compliant yield source, an attacker could set up a malicious ERC-4626 contract and set that as the yield source for a newly created Vault. The attacker could then have the maliciou...
Vault funds can be stolen by a malicious Yield Vault.
Lines of code Vulnerability details Impact When a vault is initialized, it sets Max Token Approval for the Yield Vault which allows the Yield Vault to ALWAYS have access to the funds in the vault. Since vaults can be created by anyone as long as they provide an ERC-4626 compliant yield source, an...
Vault.mintYieldFee FUNCTION CAN BE CALLED BY ANYONE TO MINT Vault Shares TO ANY RECIPIENT ADDRESS
Lines of code Vulnerability details Impact The Vault.mintYieldFee external function is used to mint Vault shares to the yield fee recipient. The function is an external function and can be called by anyone since there is no access control. The function will revert only under following two...
Interest is not accrued before parameters are updated in SavingsVest
Lines of code Vulnerability details Impact Stablecoin holders can receive wrongly calculated yield in the SavingsVest contract. Also, wrong vesting profit can be slashed when the protocol is under-collateralized. Proof of Concept The SavingsVest contract lets users deposit their stablecoins and...
Loss of staking yield for stakers when another user stakes in pause/frozen state
Lines of code Vulnerability details Impact Loss of staking yield for stakers when another user stakes in pause/frozen state. Proof of Concept Issue 148 from previous audit is present again. As i can see it was mitigated. But maybe after that new code changes were made, so this issue is present...