bug-bounty621
facebook431
xss316
google103
rce101
csrf60
microsoft59
web354
account-takeover53
writeup50
apple42
sqli41
cve35
ssrf34
exploit33
dos31
privilege-escalation28
defi28
cloudflare27
smart-contract-vulnerability25
idor24
subdomain-takeover24
ethereum23
clickjacking23
smart-contract23
vulnerability-disclosure21
access-control21
auth-bypass19
malware19
remote-code-execution18
lfi17
cors16
race-condition15
cloud15
reverse-engineering14
authentication-bypass14
solidity14
oauth12
browser12
info-disclosure12
aws12
sql-injection11
delegatecall11
denial-of-service11
phishing11
web-application-security10
vulnerability9
buffer-overflow9
web-security9
token-theft9
0
8/10
vulnerability
A critical vulnerability in Axelar Network allowed attackers to force validators to miss votes by crafting transactions with excessive logs that exceed Tendermint's 1MB RPC request limit, leading to automatic Chain Maintainer deregistration and potential halt of cross-chain operations. The vulnerability has been patched via governance proposal 256 disabling the auto-deregistration mechanism.
axelar-network
cross-chain-bridge
validator-attack
denial-of-service
rpc-limit-bypass
tendermint
cosmos-sdk
chain-maintainer-deregistration
vote-manipulation
responsible-disclosure
bug-bounty
Axelar Network
Marco Hextor
Immunefi
AxelarGateway
Tendermint
Cosmos SDK
governance-proposal-256
0
8/10
bug-bounty
Researcher disclosed two critical bugs in Sei Network's Cosmos blockchain: (1) an ABCI EndBlocker panic triggered via vesting accounts that would halt the chain, and (2) a balance transfer vulnerability in EVM integration allowing arbitrary fund transfers. Both were caught pre-mainnet and awarded $75k and $2M respectively.
cosmos-sdk
blockchain-security
evm-integration
panic-vulnerability
state-machine-bug
vesting-accounts
balance-transfer-vulnerability
abci-hooks
tendermint
denial-of-service
fund-theft
bug-bounty-writeup
Sei Network
Sei Foundation
Cosmos SDK
Geth
Trail of Bits
Immunefi
CVE-2024-XXXXX (implied but not stated)