11 matches found
WWBN AVideo 竞争条件问题漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a race condition vulnerability. This vulnerability stemmed from a race condition in the transferBalance method, which could allow concurrent transfer requests to...
[M2] DrainServicesSlashedFunds has not check for received funds
Lines of code Vulnerability details Impact Loss of funds. Analysis of the vulnerability The function to drain funds from Service Registry is not checking that is receiving the correct amount from ServiceRegistry. /// @dev Drains slashed funds from the service registry. /// @return amount Draine...
imbalanced or invalid liquidity additions/removals could happen
Lines of code Vulnerability details Impact Potential for loss of funds or manipulation of the pool prices. Specifically: • By allowing deposit from only one of the xToken or yToken, it enables manipulating the price ratio between the tokens in the pool. This could benefit one token over the other...
Missing balance checks in _reserveTokenSpecified()
Lines of code Vulnerability details Impact By calling depositGivenInputAmount and withdrawGivenOutputAmount which both call 'reserveTokenSpecified', users may potentially create scenarios where the balance ratio allowed for the EvolvedProtocol.sol deployment is violated. POC depositGivenInputAmou...
Lack of balance checks in the depositGivenInputAmount function
Lines of code Vulnerability details Impact Lack of balance checks in the depositGivenInputAmount function can lead to various unpredictable consequences due to the breach of requirement "The pool's ratio of y to x must be within the interval MINM, MAXM". Proof of Concept The depositGivenInputAmou...
reserve balances AND reserve balance ratio INVARIANTS ARE NOT CHECKED INSIDE THE _reserveTokenSpecified FUNCTION THUS ENABLING deposit AND withdraw TRANSACTIONS TO BREAK THESE INVARIANTS
Lines of code Vulnerability details Impact The EvolvingProteus.depositGivenInputAmount function is used to calculate the output amount of LP tokens given an input amount of reserve tokens. The EvolvingProteus.withdrawGivenOutputAmount function is used to calculate the amount of LP tokens that mus...
Swap Tokens with Fee Consideration and Balance Checks
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In the swap function, the discrepancy lies in the usage of the variable specifiedAmount instead of roundedSpecifiedAmount when checking the final balance in the swap function. if specifiedToken ==...
Missing balance checks in _reserveTokenSpecified()
Lines of code Vulnerability details Impact There is a missing balance check in reserveTokenSpecified, which allows reserve tokens to be withdrawn or deposited into illegal balances, which may cause subsequent transactions to revert. It also allows the pool to be killed by withdrawing all balances...
Rounding Issue and Inconsistent Fee Application
Lines of code Vulnerability details Summary There is a bug in the swap function. The bug can potentially cause incorrect balance checks and outputs when swapping. This issue arises due to improper usage of the applyFeeByRounding function. Affected Function: swap Details: In the swap function, the...
forceReplenish(),borrowInternal() do not judge dola balances in contracts
Lines of code Vulnerability details Impact lender can call recall to transfer amout amount of dola tokens, so it is likely that lender will transfer most of market's funds function recalluint amount public requiremsg.sender == lender, "Only lender can recall"; dola.transfermsg.sender, amount; If...
redeem() doesn't support inflationary or deflationary erc20 tokens
Lines of code Vulnerability details Impact A transfer-on-fee token or a deflationary/rebasing token, causes the received amount to be less than the accounted amount. For instance, a deflationary tokens might charge a certain fee for every transfer or transferFrom. TribeRedeemer.sol supports the u...