-
# Handle
WatchPug
# Vulnerability details
In the current design/implementation of `WJLP` and collateral redeem system, adding `JLP` as collateral via `WJLP` can obtain rights to the future rewards…
-
On issue #279 @keithw commented:
"[...]. I'm not really eager to make Mosh crypto-agile -- if you look at incumbent systems, like OpenSSH, cipher negotiation is a huge source of bugs and security ho…
-
# Lines of code
https://github.com/code-423n4/2024-02-wise-lending/blob/main/contracts/PowerFarms/PendlePowerFarmController/PendlePowerFarmToken.sol#L98-L130
https://github.com/code-423n4/2024-02-wis…
-
I'm not an expert on email, but my basic understanding is that normally server to server emails aren't very secure, and that as certain features of DMARC, DKIM, and SPF rely upon accurate DNS records …
-
# Lines of code
https://github.com/code-423n4/2022-06-yieldy/blob/524f3b83522125fb7d4677fa7a7e5ba5a2c0fe67/src/contracts/LiquidityReserve.sol#L100-L127
# Vulnerability details
## Impact
Function `…
-
I happened to notice that I was accessing some sites, even ones that have HTTPS and even on Brave getting, over HTTP.
HTTPS Everywhere has opt-in mode *Encrypt All Sites Eligible* that seems useful…
-
Reported by: **[Pegasus-RPG](https://github.com/Pegasus-RPG)**
Date: 2015-11-17T15:21:06Z
Status: Confirmed
Importance: Wishlist
Launchpad Issue: [lp1517087](https://bugs.launchpad.net/bugs/1517087)
T…
-
```
Ubuntu has rolled out TLS_FALLBACK_SCSV patches (TLS Protocol Downgrade attack
prevention) to their openssl packages, but servers running mod_spdy are still
affected due to the built-in openssl.…
-
# Lines of code
https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d5de36a8f/contracts/tOFT/modules/BaseTOFTLeverageModule.sol#L111-L146
# Vulnerability details
## I…
-
philmnds
High
# Attacker will prevent any raffles by calling `WinnablesTicketManager::cancelRaffle` before admin starts raffle
### Summary
The [`WinnablesTicketManager::cancelRaffle`](https://gith…