7 matches found
Contracts are vulnerable to fee-on-transfer accounting-related issues
Lines of code 359, 448, 509, 530, 42, 797, 162 Vulnerability details The functions below transfer funds from the caller to the receiver via transferFrom, but do not ensure that the actual number of tokens received is the same as the input amount to the transfer. If the token is a fee-on-transfer...
Contracts are vulnerable to fee-on-transfer accounting-related issues
Lines of code 359, 448, 509, 530, 42, 797, 162 Vulnerability details The functions below transfer funds from the caller to the receiver via transferFrom, but do not ensure that the actual number of tokens received is the same as the input amount to the transfer. If the token is a fee-on-transfer...
Contracts are vulnerable to fee-on-transfer accounting-related issues
Lines of code 359, 448, 509, 530, 42, 797, 162 Vulnerability details The functions below transfer funds from the caller to the receiver via transferFrom, but do not ensure that the actual number of tokens received is the same as the input amount to the transfer. If the token is a fee-on-transfer...
The Transfer event is emitted successfully in MinterContract#mintAndAuction() even when the transaction has failed, leading to inaccurate accounting in off-chain systems.
Lines of code Vulnerability details Impact The airDropTokens function in the NextGenCore contract is responsible for minting and transferring an NFT to a user, exclusively called by the MinterContract. However, the execution of airDropTokens within MinterContractmintAndAuction prior to critical...
Swivel.sol transfer of tokens in initiateZcTokenFillingZcTokenExit and initiateVaultFillingVaultExit can fail without reverting causing account problems
Handle GalloDaSballo Vulnerability details Impact initiateZcTokenFillingZcTokenExit and initiateVaultFillingVaultExit in Swivel.sol are using transferFrom This function call can fail meaning the tokens are not transferred without causing a revert This would break the accounting in the protocol I...
Wrong balance to reserve casting in _updateReserves()
Handle 0xsanson Vulnerability details Impact In HybridPool's updateReserves function, the reserves are calculated as: uint256 reserve0, uint256 reserve1 = balance; This is incorrect, since reserves are a bento-share quantity, while balance outputs a bento-amount quantity. This basically inflates...
Fedora 29 : xen (2018-2fde555d91)
insufficient TLB flushing / improper large page mappings with AMD IOMMUs XSA-275 1651665 resource accounting issues in x86 IOREQ server handling XSA-276 x86: incorrect error handling for guest p2m page removals XSA-277 x86: DoS from attempting to use INVPCID with a non-canonical addresses XSA-279...