Lucene search
+L

11 matches found

CNNVD
CNNVD
added 2026/03/27 12:0 a.m.11 views

WWBN AVideo 竞争条件问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a race condition vulnerability. This vulnerability stemmed from a race condition in the transferBalance method, which could allow concurrent transfer requests to...

5.3CVSS5.8AI score0.00228EPSS
Exploits1References3
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.13 views

[M2] DrainServicesSlashedFunds has not check for received funds

Lines of code Vulnerability details Impact ​ Loss of funds. Analysis of the vulnerability The function to drain funds from Service Registry is not checking that is receiving the correct amount from ServiceRegistry. /// @dev Drains slashed funds from the service registry. /// @return amount Draine...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.8 views

imbalanced or invalid liquidity additions/removals could happen

Lines of code Vulnerability details Impact Potential for loss of funds or manipulation of the pool prices. Specifically: • By allowing deposit from only one of the xToken or yToken, it enables manipulating the price ratio between the tokens in the pool. This could benefit one token over the other...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.18 views

Missing balance checks in _reserveTokenSpecified()

Lines of code Vulnerability details Impact By calling depositGivenInputAmount and withdrawGivenOutputAmount which both call 'reserveTokenSpecified', users may potentially create scenarios where the balance ratio allowed for the EvolvedProtocol.sol deployment is violated. POC depositGivenInputAmou...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.11 views

Lack of balance checks in the depositGivenInputAmount function

Lines of code Vulnerability details Impact Lack of balance checks in the depositGivenInputAmount function can lead to various unpredictable consequences due to the breach of requirement "The pool's ratio of y to x must be within the interval MINM, MAXM". Proof of Concept The depositGivenInputAmou...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.11 views

reserve balances AND reserve balance ratio INVARIANTS ARE NOT CHECKED INSIDE THE _reserveTokenSpecified FUNCTION THUS ENABLING deposit AND withdraw TRANSACTIONS TO BREAK THESE INVARIANTS

Lines of code Vulnerability details Impact The EvolvingProteus.depositGivenInputAmount function is used to calculate the output amount of LP tokens given an input amount of reserve tokens. The EvolvingProteus.withdrawGivenOutputAmount function is used to calculate the amount of LP tokens that mus...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.12 views

Swap Tokens with Fee Consideration and Balance Checks

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In the swap function, the discrepancy lies in the usage of the variable specifiedAmount instead of roundedSpecifiedAmount when checking the final balance in the swap function. if specifiedToken ==...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.22 views

Missing balance checks in _reserveTokenSpecified()

Lines of code Vulnerability details Impact There is a missing balance check in reserveTokenSpecified, which allows reserve tokens to be withdrawn or deposited into illegal balances, which may cause subsequent transactions to revert. It also allows the pool to be killed by withdrawing all balances...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/28 12:0 a.m.11 views

Rounding Issue and Inconsistent Fee Application

Lines of code Vulnerability details Summary There is a bug in the swap function. The bug can potentially cause incorrect balance checks and outputs when swapping. This issue arises due to improper usage of the applyFeeByRounding function. Affected Function: swap Details: In the swap function, the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/29 12:0 a.m.10 views

forceReplenish(),borrowInternal() do not judge dola balances in contracts

Lines of code Vulnerability details Impact lender can call recall to transfer amout amount of dola tokens, so it is likely that lender will transfer most of market's funds function recalluint amount public requiremsg.sender == lender, "Only lender can recall"; dola.transfermsg.sender, amount; If...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/12 12:0 a.m.13 views

redeem() doesn't support inflationary or deflationary erc20 tokens

Lines of code Vulnerability details Impact A transfer-on-fee token or a deflationary/rebasing token, causes the received amount to be less than the accounted amount. For instance, a deflationary tokens might charge a certain fee for every transfer or transferFrom. TribeRedeemer.sol supports the u...

6.8AI score
Exploits0
Rows per page
Query Builder