332 matches found
Caller can receive liquidatorCut without transferring underlying when calling payBase()
Lines of code Vulnerability details Impact If baseJoin's available balance is greater than callers' amount no underlying will be transferred but caller still gets liquidatorCut. This may also negatively impact the accounting since its updated under the assumption that the caller will transfer...
Unsafe _price cast
Lines of code Vulnerability details Impact The price provided by chainlink AggregatorV3 could be a negative, if that happend the cast of the price goes high, in example, cast -1 to uint256 was 2256 - 1 Proof of Concept return uint256price.adjustDecimalsfeedDecimals, decimals; Tools Used Manual...
Overpaying ETH in InfinityExchange
Lines of code Vulnerability details Impact A user of the InfinityExchange contract can accidentally send more ETH than needed without the possibility to get the overpaid amount refunded. Proof of Concept if isMakerSeller && currency == address0 requiremsg.value = totalPrice, 'invalid total price'...
user can pay alot of money with out getting his tokens
Lines of code Vulnerability details lockveasset function: lockveasset functoin should do some transfer but if that dosnt happen then user can can loose alot of money and if incentiveveasset is 0 because the check is 0 and if statment will not pass and the minting will not happen and your not goin...
All the scxMinted is at risk of being burnt.(Limbo.sol)
Handle Hawkeye Vulnerability details Impact If one of the variables that calculate adjustedRectangle is a zero value,it will impair the calculation of excessSCX which would equal to all of the scxMinted on line 219.Nothing will be deducted from scxMinted on line 229 since adjustedRectangle =0...
Unchecked return value for token.transferFrom call
Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransferFrom; unless one is sure the given token reverts in case of a failure. /// ... /// @param token Token that will be issued through this launch event...
Unchecked return value for token.transfer call
Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure. Instances include: token.transfermsg.sender, amount; token.transfermsg.sender,...
Unchecked return value for token.transfer call
Handle WatchPug Vulnerability details It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure. Instances include: IERC20Upgradeablevault.transferto, minTokenIn-amountToken;...
Missing Emergency Pause Check
Handle defsec Vulnerability details Impact During the manual code review, It has been observed that minting progress is not checked when the contract is emergency paused. This can cause misfunctionality and unlocking user funds during the emergency pausing. Proof of Concept 1- Navigate to ""...
fillZrxQuote doesn't return correct values when zrxSellTokenAddress == zrxBuyTokenAddress
Handle harleythedog Vulnerability details Impact Suppose that swapByQuote is called with zrxSellTokenAddress == zrxBuyTokenAddress, and neither of these addresses "signifiesETHOrZero". The contract first transfers amountToSell of these tokens from the sender's account into the contract and update...
Setting Factory.bondPercentDiv to zero cause Denial of Service in Auction.bondForRebalance()
Handle pants Vulnerability details The function Factory.setBondPercentDiv allows the owner to set the state variable Factory.bondPercentDiv to zero. Impact If Factory.bondPercentDiv equals zero then the function Auction.bondForRebalance will always revert due to a division by zero: bondAmount =...
Should reset timelockERC721s after calling transferERC721
Handle shw Vulnerability details Impact The function transferERC721 does not reset timelockERC721s after the NFT is transferred. If the same NFT token is time-locked again but with a different recipient, the recipient could not transfer the time-locked NFT by calling transferERC721 since he...