bug-bounty406
google396
xss352
microsoft308
facebook282
exploit187
apple185
rce176
malware141
cve110
account-takeover94
browser88
csrf86
writeup70
privilege-escalation66
phishing62
dos60
react60
supply-chain57
bragging-post55
authentication-bypass54
node51
cloudflare51
ssrf50
aws48
docker48
access-control46
smart-contract45
reverse-engineering45
web345
ethereum43
defi42
oauth41
pentest41
sql-injection40
lfi36
idor35
info-disclosure34
race-condition34
smart-contract-vulnerability32
cloud32
buffer-overflow31
auth-bypass30
clickjacking29
wordpress29
solidity27
subdomain-takeover27
vulnerability-disclosure25
ctf24
web-application24
0
8/10
vulnerability
A critical integer truncation vulnerability in Astar's assets-erc20 precompile allowed attackers to steal up to $400,000 by passing uint256 values larger than u128 max that truncate to zero, causing smart contracts to record successful token transfers when none actually occurred.
integer-truncation
evm-precompile
substrate
polkadot
parachain
astar-network
erc20
smart-contract-vulnerability
frontier
token-theft
vulnerability-disclosure
bug-bounty
Astar
Zellic
Faith
vakzz
Polkadot
Substrate
Frontier
Parity Technologies
Immunefi
Kagla Finance
CVE details not provided in excerpt