Vulnerabilities tagged 'crypto'

Overly Generous Transfer Allowance in EarnHub

A simple smart contract issue this week from an actual theft, and the problem, being too trusting.The makeHop function allows users to transfer their shares between different staking pools…

 

Telenot Complex: Insecure AES Key Generation

The issue here is relatively simple despite the technical depth the authors go into on the crypto and how it’s used.AES-128 keys are used to encrypt challenge codes for the authentication flow between NFC tags and the alarm system, but the way these AES-128 keys are generated is naive and insecure…