Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/08/04 12:0 a.m.10 views

There is no decrease for the share allowance from _addCollateral when share passed zero

Lines of code Vulnerability details Impact When calling addCollateral, and if the share passed as zero, it is calculated based on the passed amount. However, this happens after allowanceBorrow was already called in addCollateral. So, deduction never occur for the share. Eventually, the borrow...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.8 views

addCollateral allows anyone to addCollateral on behalf of others

Lines of code Vulnerability details Impact addCollateral allows anyone to addCollateral on behalf of others. In other words, bypassing the borrow allowance check. Proof of Concept allowedBorrow modifier will not revert if passed share == 0. addCollateral method uses allowedBorrow modifier functio...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.6 views

Malicious user can drain the Singularity contract of it's liquidity

Lines of code Vulnerability details Impact The SGLCollateral contract has functionality to allow users to remove and add collateral for the Singularity market. The addCollateral function accepts a skim parameter that, if defined as true, will cause the internal addTokens function to assert that t...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/20 12:0 a.m.10 views

Stealing fund by applying reentrancy attack on removeCollateral, startLiquidationAuction, and purchaseLiquidationAuctionNFT

Lines of code Vulnerability details Impact By applying reentrancy attack involving the functions removeCollateral, startLiquidationAuction, and purchaseLiquidationAuctionNFT, an Attacker can steal large amount of fund. Proof of Concept Bob a malicious user deploys a contract to apply the attack...

6.8AI score
Exploits0
Rows per page
Query Builder