4 matches found
Insufficient Control Flow Management
Overview: vyper is a Pythonic Smart Contract Language for the EVM. Affected versions of this package are vulnerable to Insufficient Control Flow Management through the slice function. An attacker can bypass the evaluation of side effects in the start argument when the length argument is set to 0,...
Unsafe ERC20 operations due to lack of contract length check
Lines of code. Vulnerability details. Impact: Functions executeERC20DirectTransfer and executeERC20TransferFrom replicate solmate library methods. The problem with this is that these functions do not check for the existence of code at the token address. If executeERC20DirectTransfer and...
Upgraded Q -> M from 189 [1655579836940]
Judge has assessed an item in Issue 189 as Medium risk. The relevant finding follows: N02 Using send to send ETH could run out of gas. You have to be sure of the logic of the recipient.
StartTimestamp is not checked
Handle: defsec. Vulnerability details. Impact: When the promotion is created, the promotion.startTimestamp variable can be a very old date. That will affect the epoch calculation. Proof of Concept: 1. Navigate to the following contract code. promotionsnextPromotionId = Promotion msg.sender, ticket...