4 matches found
manipulate rate
Lines of code Vulnerability details Impact using spot price as the exchange rate can be manipulated. Proof of Concept 1. attacker manipulates the balancer pool making eth very expensive 2. By calling the updateCache function, the attacker updates the cachedCalculatedAmount based on the manipulate...
Upgraded Q -> 2 from #463 [1682585731493]
Judge has assessed an item in Issue 463 as 2 risk. The relevant finding follows: L-08 Swapping in Reth.sol may be sub-optimal The Reth pool uses the Weth/Reth 0.05% fee pool to swap between weth and reth. I recommend using the balancer pool to swap instead as it has 80M liquidity compared to...
Lack of slippage protection on minting sNOTE from underlying assets.
Handle TomFrenchBlockchain Vulnerability details Impact Users minting sNOTE from ETH, WETH or NOTE can receive significantly less sNOTE than they expect. Minting from BPT is unaffected. Proof of Concept sNOTE allows users to deposit NOTE, ETH or WETH as a single-asset deposit into the NOTE-WETH...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 srctrack, 2 usemfstmpsize, or 3 usemfsvarsize parameter to systemadvancedmisc.php; the 4 port, 5 snaplen, or 6 count parameter to diagpacketcapture.php...