Lucene search
K

332 matches found

Code423n4
Code423n4
β€’added 2022/07/17 12:0 a.m.β€’10 views

Caller can receive liquidatorCut without transferring underlying when calling payBase()

Lines of code Vulnerability details Impact If baseJoin's available balance is greater than callers' amount no underlying will be transferred but caller still gets liquidatorCut. This may also negatively impact the accounting since its updated under the assumption that the caller will transfer...

6.7AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/07/08 12:0 a.m.β€’7 views

Unsafe _price cast

Lines of code Vulnerability details Impact The price provided by chainlink AggregatorV3 could be a negative, if that happend the cast of the price goes high, in example, cast -1 to uint256 was 2256 - 1 Proof of Concept return uint256price.adjustDecimalsfeedDecimals, decimals; Tools Used Manual...

6.7AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/06/19 12:0 a.m.β€’8 views

Overpaying ETH in InfinityExchange

Lines of code Vulnerability details Impact A user of the InfinityExchange contract can accidentally send more ETH than needed without the possibility to get the overpaid amount refunded. Proof of Concept if isMakerSeller && currency == address0 requiremsg.value = totalPrice, 'invalid total price'...

6.9AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/06/02 12:0 a.m.β€’9 views

user can pay alot of money with out getting his tokens

Lines of code Vulnerability details lockveasset function: lockveasset functoin should do some transfer but if that dosnt happen then user can can loose alot of money and if incentiveveasset is 0 because the check is 0 and if statment will not pass and the minting will not happen and your not goin...

6.8AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/02/02 12:0 a.m.β€’10 views

All the scxMinted is at risk of being burnt.(Limbo.sol)

Handle Hawkeye Vulnerability details Impact If one of the variables that calculate adjustedRectangle is a zero value,it will impair the calculation of excessSCX which would equal to all of the scxMinted on line 219.Nothing will be deducted from scxMinted on line 229 since adjustedRectangle =0...

6.8AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/01/27 12:0 a.m.β€’8 views

Unchecked return value for token.transferFrom call

Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransferFrom; unless one is sure the given token reverts in case of a failure. /// ... /// @param token Token that will be issued through this launch event...

6.9AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/01/27 12:0 a.m.β€’9 views

Unchecked return value for token.transfer call

Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure. Instances include: token.transfermsg.sender, amount; token.transfermsg.sender,...

6.9AI score
Exploits0
Code423n4
Code423n4
β€’added 2021/12/21 12:0 a.m.β€’9 views

Unchecked return value for token.transfer call

Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure. Instances include: IERC20Upgradeablevault.transferto, minTokenIn-amountToken;...

6.9AI score
Exploits0
Code423n4
Code423n4
β€’added 2021/11/17 12:0 a.m.β€’11 views

Missing Emergency Pause Check

Handle defsec Vulnerability details Impact During the manual code review, It has been observed that minting progress is not checked when the contract is emergency paused. This can cause misfunctionality and unlocking user funds during the emergency pausing. Proof of Concept 1- Navigate to ""...

7AI score
Exploits0
Code423n4
Code423n4
β€’added 2021/10/22 12:0 a.m.β€’11 views

fillZrxQuote doesn't return correct values when zrxSellTokenAddress == zrxBuyTokenAddress

Handle harleythedog Vulnerability details Impact Suppose that swapByQuote is called with zrxSellTokenAddress == zrxBuyTokenAddress, and neither of these addresses "signifiesETHOrZero". The contract first transfers amountToSell of these tokens from the sender's account into the contract and update...

6.9AI score
Exploits0
Code423n4
Code423n4
β€’added 2021/10/09 12:0 a.m.β€’12 views

Setting Factory.bondPercentDiv to zero cause Denial of Service in Auction.bondForRebalance()

Handle pants Vulnerability details The function Factory.setBondPercentDiv allows the owner to set the state variable Factory.bondPercentDiv to zero. Impact If Factory.bondPercentDiv equals zero then the function Auction.bondForRebalance will always revert due to a division by zero: bondAmount =...

7.1AI score
Exploits0
Code423n4
Code423n4
β€’added 2021/05/20 12:0 a.m.β€’8 views

Should reset timelockERC721s after calling transferERC721

Handle shw Vulnerability details Impact The function transferERC721 does not reset timelockERC721s after the NFT is transferred. If the same NFT token is time-locked again but with a different recipient, the recipient could not transfer the time-locked NFT by calling transferERC721 since he...

6.9AI score
Exploits0
Rows per page
Query Builder