Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
Lines of code https://github.com/code-423n4/2022-07-axelar/blob/9c4c44b94cddbd48b9baae30051a4e13cbe39539/contracts/gas-service/AxelarGasService.sol#L144...
6.8 AI Score
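Why the recommendation matters, as an added example that is not code from the Axelar repository or from the finding above: two constructed ERC20 variants, one that signals failure by returning false and one whose transfer returns nothing at all, called from a contract that uses a bare transfer and from one that uses OpenZeppelin's SafeERC20. All contract names here are illustrative; only the OpenZeppelin import paths and the safeTransfer API are real.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Constructed token that reports failure by returning false instead of
/// reverting (several widely used ERC20s behave this way).
contract ReturnsFalseToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // silent failure, no revert
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

/// Constructed token with no return value at all (USDT-style ABI).
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
    }
}

/// Vulnerable pattern: calls transfer through IERC20 and ignores the result.
contract UnsafeRefund {
    function refund(IERC20 token, address to, uint256 amount) external {
        // With ReturnsFalseToken: returns false, refund() "succeeds" but no tokens move.
        // With NoReturnToken: the ABI decoder expects 32 bytes of returndata, finds none,
        // and reverts even though the token transfer itself went through.
        token.transfer(to, amount);
    }
}

/// Hardened pattern: SafeERC20 reverts on a false return and accepts empty returndata.
contract SafeRefund {
    using SafeERC20 for IERC20;

    function refund(IERC20 token, address to, uint256 amount) external {
        // Reverts if the call fails or returns false; tolerates tokens that return nothing.
        token.safeTransfer(to, amount);
    }
}
```

Against ReturnsFalseToken, UnsafeRefund.refund silently does nothing when the contract's balance is short, while SafeRefund.refund reverts. Against NoReturnToken, UnsafeRefund.refund always reverts at the decoding step, so the contract can never pay that token out, while SafeRefund.refund works. Mixing transfer in some places and safeTransfer in others leaves the same contract with both failure modes, which is why the finding asks for consistent use.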
Functions that send Ether to arbitrary destinations
Lines of code https://github.com/code-423n4/2022-07-axelar/blob/9c4c44b94cddbd48b9baae30051a4e13cbe39539/contracts/deposit-service/ReceiverImplementation.sol#L23...
6.9 AI Score
Upgraded Q -> M from 9 [1659036743700]
Judge has assessed an item in Issue #9 as Medium risk. The relevant finding follows: Centralized risk The operator address can mint an arbitrary amount of tokens. In addition, the operator can also burn tokens from third-party accounts. If the private key of the owner or minter address is compromised,...
6.9 AI Score
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a private-sector offensive actor (PSOA) using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European.....
8.8 CVSS
-0.2 AI Score
berlin-shuttle.de Cross Site Scripting vulnerability OBB-2792134
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-karow-internet.de Cross Site Scripting vulnerability OBB-2792133
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-buch-internet.de Cross Site Scripting vulnerability OBB-2792131
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-housekeeping.de Cross Site Scripting vulnerability OBB-2792132
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-alperen.de Cross Site Scripting vulnerability OBB-2792130
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via...
6.1 CVSS
6 AI Score
0.002 EPSS
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via...
6.1 CVSS
0.002 EPSS
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via...
6.2 AI Score
0.002 EPSS
Vault implementation can be selfdestructed due to lack of initialization
Lines of code Vulnerability details Impact HIGH - Assets can be lost directly Anybody can initialize the Vault's implementation contract. The worst case would be to selfdestruct and make all the (already deployed and to be deployed) Vault's proxies useless and assets in the deployed proxies will...
6.9 AI Score
Uninitialized implementation for Vault can be destroyed
Lines of code https://github.com/code-423n4/2022-07-fractional/blob/main/src/Vault.sol#L24-L29 Vulnerability details Impact Every Vault is a proxy of the same implementation contract. This implementation is deployed from VaultFactory but never initialized. /// @notice Initializes implementation...
6.8 AI Score
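The pattern behind both Vault findings above, as an added example that is not code from the Fractional repository or from either report: a minimal proxy implementation whose initialize() is never called on the implementation itself, a factory that clones it, an attacker that initializes the implementation and self-destructs it, and a hardened variant that marks the implementation as initialized in its constructor. Names are illustrative; OpenZeppelin's Clones library is real. Note that since the Cancun upgrade (EIP-6780) selfdestruct only removes code when executed in the contract's creating transaction, so the destruction step reflects the 2022 EVM semantics the reports describe; the uninitialized-implementation hole itself is unchanged.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

import "@openzeppelin/contracts/proxy/Clones.sol";

interface IVaultInit {
    function initialize(address owner) external;
}

/// Vulnerable implementation: initialize() is meant to run once per proxy, but nothing
/// stops anyone from calling it on the implementation contract's own storage.
contract VaultImplVulnerable is IVaultInit {
    address public owner;
    bool private initialized;

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        initialized = true;
        owner = _owner;
    }

    function destroy() external {
        require(msg.sender == owner, "not owner");
        // Pre-Cancun: deletes the code that every proxy delegates to, bricking all of them.
        selfdestruct(payable(msg.sender));
    }
}

/// Hardened implementation: a constructor runs only in the implementation's own storage,
/// never in a proxy, so marking it initialized there closes the hole without affecting clones,
/// whose storage starts empty.
contract VaultImplHardened is IVaultInit {
    address public owner;
    bool private initialized;

    constructor() {
        initialized = true; // the implementation itself can never be initialized
    }

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        initialized = true;
        owner = _owner;
    }

    function destroy() external {
        require(msg.sender == owner, "not owner");
        selfdestruct(payable(msg.sender));
    }
}

/// Factory deploying EIP-1167 minimal proxies that delegate to one implementation.
contract VaultFactory {
    address public immutable implementation;

    constructor(address _impl) {
        implementation = _impl;
    }

    function deployVault() external returns (address vault) {
        vault = Clones.clone(implementation);
        IVaultInit(vault).initialize(msg.sender); // initializes the proxy, not the implementation
    }
}

/// Constructed attack against the vulnerable implementation: two calls, no privileges needed.
contract Attacker {
    function takeover(VaultImplVulnerable impl) external {
        impl.initialize(address(this)); // nobody claimed the implementation after deployment
        impl.destroy();                 // every proxy now delegates to an empty address
    }
}
```

Against VaultImplHardened, Attacker.takeover reverts at the first call with "already initialized", while VaultFactory.deployVault still works because each clone's storage begins zeroed. In production the constructor line is usually replaced by OpenZeppelin's Initializable and a constructor that calls _disableInitializers(), which does the same thing with the library's own bookkeeping.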
mha-sc.org Cross Site Scripting vulnerability OBB-2743279
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
Bitter APT Hackers Continue to Target Bangladesh Military Entities
Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...
8.8 CVSS
0.3 AI Score
0.913 EPSS
Creating a short call order with a non-empty floor makes the option impossible to exercise and withdraw
Lines of code Vulnerability details Impact HIGH - assets can be lost If a short call order is created with a non-empty floorTokens array, the taker cannot exercise. Also, the maker cannot withdraw after the expiration. The maker will still get the premium when the order is filled. If the non-empty...
6.7 AI Score
accountant and admin cannot be updated at Note.sol once accountant is initialized
Lines of code Vulnerability details Impact Once the state variable accountant is set, accountant and admin can no longer be updated using the _setAccountantAddress function. Proof of Concept function setAccountantAddress(address accountant ) external { require(msg.sender == admin); ...
6.9 AI Score
berlin-storkower.quick.de Cross Site Scripting vulnerability OBB-2682577
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
Upgraded Q -> H from 222 [1656255302682]
Judge has assessed an item in Issue #222 as High risk. The relevant finding follows: [L-02] totalAssets of erc4626 should never revert eip-4626 According to the spec, totalAssets of erc4626 should never revert MUST NOT revert. wfcash would revert if it's matured but hasn't settled....
6.9 AI Score
Upgraded Q -> H from 104 [1656255316696]
Judge has assessed an item in Issue #104 as High risk. The relevant finding follows: L02: Incompatibility with ERC-4626 Line References https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashERC4626.sol#L42...
7 AI Score
berlin-hnopraxis.de Cross Site Scripting vulnerability OBB-2679268
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
TWAV can be attacked by flash loan
Lines of code Vulnerability details Impact _updateTWAV can be flash loaned. A hacker may pay the flash loan fee for 4 blocks and then execute the attack. Proof of Concept function _updateTWAV(uint256 _valuation, uint32 _blockTimestamp) internal { uint32 _timeElapsed; ...
7.1 AI Score
Lines of code Vulnerability details Impact The function does not have access control before the accountant address is set, allowing anyone to call the function, gain admin privileges, and set the accountant address. Proof of Concept CNote.sol#L17 Recommended Mitigation Steps Include access control....
7.1 AI Score
Upgraded Q -> M from 36 [1655654413719]
Judge has assessed an item in Issue #36 as Medium risk. The relevant finding follows: Allows owner to mint more tokens than planned There are two ways for the owner of the contract to mint tokens for themselves unrelated to the public sale: through the teamSummon() function or by setting the...
7 AI Score
endodontie-berlin-mitte.de Cross Site Scripting vulnerability OBB-2654350
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-buch-internet.de Cross Site Scripting vulnerability OBB-2653248
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-housekeeping.de Cross Site Scripting vulnerability OBB-2653249
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-alperen.de Cross Site Scripting vulnerability OBB-2653247
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-shuttle.de Cross Site Scripting vulnerability OBB-2653253
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
berlin-karow-internet.de Cross Site Scripting vulnerability OBB-2653250
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
This Week in Spring - June 14th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! I've just arrived in beautiful Berlin, Germany, for the forthcoming We Are Developers show with more than five thousand attendees. I was in Toronto, Canada, for the epic SpringOne Tour installment there. I've also had the...
-0.3 AI Score
safeMath function being used without importing the safeMath library preventing contract compilation
Lines of code Vulnerability details Impact Contract NotionalTradeModule.sol will not compile due to an error caused by a missing import of safeMath and a missing using-for directive. Since safeMath is not imported and there is no using-for directive, the contract would not even compile, as it would throw an error...
6.9 AI Score
Lines of code https://github.com/code-423n4/2022-06-notional-coop/blob/main/notional-wrapped-fcash/contracts/wfCashERC4626.sol#L21 https://github.com/code-423n4/2022-06-notional-coop/blob/main/notional-wrapped-fcash/contracts/wfCashERC4626.sol#L23...
6.7 AI Score
berlin-tcm.de Cross Site Scripting vulnerability OBB-2648428
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
This Week in Spring - June 7th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! I've just landed in tantalizing Toronto, Canada, for the SpringOne Tour Toronto show. I'm so excited to be here, at long last, after so long away from one of my favorite countries. I'll be doing two talks - my usual,...
0.5 AI Score
Integer Overflow in Nonce Possible Via EIP 1271 Compliant Contract
Lines of code Vulnerability details Impact The current NonceManager (deployed version) does not expect a nonce to go high enough to actually trigger an integer overflow and is therefore unchecked. However, it is completely possible for the nonce to go that high with EIP 1271 contracts that hold the...
6.9 AI Score
SaltStack Salt command injection in the Salt-API when using the Salt-SSH client
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to...
9.8 CVSS
9.6 AI Score
0.059 EPSS
SaltStack Salt command injection in the Salt-API when using the Salt-SSH client
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to...
9.8 CVSS
9.5 AI Score
0.059 EPSS
Users can get rewards even if not locking for the full lock duration
Lines of code Vulnerability details Impact Users can get rewards that should only have gone to users that locked for the full duration, effectively stealing from those other users Proof of Concept This is the relevant logic from lock() that determines the time at which the funds are unlocked:...
6.8 AI Score
random_password_generator is vulnerable to information disclosure. The vulnerability exists due to the insecure random password generation in rand functionality in the generate function of random_password_generator.rb, allowing an attacker to guess the...
7.5 CVSS
7 AI Score
0.002 EPSS
Insecure PRNG use in random_password_generator
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password...
7.5 CVSS
2.1 AI Score
0.002 EPSS
SAP Application Server ABAP / ABAP Platform Code Injection / SQL Injection / Missing Authorization
...
9.9 CVSS
0.5 AI Score
0.066 EPSS
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password...
7.5 CVSS
7 AI Score
0.002 EPSS
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password...
7.5 CVSS
0.002 EPSS
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password...
7.5 CVSS
7.5 AI Score
0.002 EPSS
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password...
7.6 AI Score
0.002 EPSS
Django denial of service via empty session record creation
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to...
6.8 AI Score
0.024 EPSS