-
**Overview:**
We've shoehorned a few requirements into a single requirement (4.1.1) which may be challenging for developers to understand.
**Recommendation:**
Let's break this into two distinct …
-
lemonmon
High
# `Kelp:_finalizeCooldown` cannot claim the withdrawal if adversary would requestWithdrawals with dust amount for the holder
## Summary
If an adversary calls `LidoWithdraw.requestWit…
-
Still seeing this in the latest plugin update v3.1.2 Node v20.12.2:
[05/03/2024, 11:30:44] [EufySecurity] ERROR
***************************
****** ERROR MESSAGE ******…
-
# Lines of code
https://github.com/code-423n4/2024-07-optimism/blob/70556044e5e080930f686c4e5acde420104bb2c4/packages/contracts-bedrock/src/cannon/PreimageOracle.sol#L568-L637
# Vulnerability detai…
-
The recipient SHOULD carefully reply on decryption failure to prevent some attacks.
# Padding Oracle Attacks (+ Encryption Oracle Attacks)
- What is it?
- The attacker can obtain the plaintext …
-
Yunohost uses StartTLS to hand-shake TLS encryptions, which is prone to downgrade attacks.
[DANE-SMTP](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) was developed to preve…
renne updated
7 months ago
-
### Describe the bug
Now the gcc toolchain in abacus repo is using OpenMPI 5.0.3. In my test, this version of OpenMPI and coressponding toolchain cannot do OMP parallel calculation normally. if OM…
-
WPA3, part of the IEEE 802.11 wireless specifications, defines a key establishment mechanism called *Simultaneous Authentication of Equals* (SAE). The key exchange mechanism is a variant of the Dragon…
-
Minetest should drop support for SHA1 authentication as it is not secure and allows downgrade attacks. This requires:
* A migration path to force users to upgrade to SRP
* /setpassword to generate…
-
# Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/main/contracts/EntityForging/EntityForging.sol#L102-L175
# Vulnerability details
## Impact
- ETH being permanently locked in t…