Lucene search
K

6 matches found

Code423n4
Code423n4
added 2023/06/02 12:0 a.m.11 views

Marketplace may call onERC721Received() and create a lien during buyNftFromMarket(), creating divergence

Lines of code Vulnerability details Impact The contract supports a "push-based" NFT supply, where the price and rate are embedded in the data bytes. This way, the lender doesn't need to additionally approve the NFT but can just transfer it directly to the contract. However, since the contract als...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/12/19 12:0 a.m.6 views

When user of GroupBuy is a contract, refunds will be permanently frozen.

Lines of code Vulnerability details Description claim function is used in GroupBuy to mint Raes proportional to user's contribution to the purchased NFT. withdrawBalance is used to get back funds which are not part of the contribution. They both contain an unsafe call with ETH. For example:...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/30 12:0 a.m.13 views

Early Depositor can DOS Deposits

Lines of code Vulnerability details Impact A malicious, but generous, early depositor can DOS all future deposits. This is accomplished by directly sending aTokens to the AaveV3YieldSource.sol contract after making their first deposit. The amount of aTokens sent to the contract will manipulate th...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/29 12:0 a.m.16 views

Users' funds can become locked in the contract

Judge @GalloDaSballo has assessed the 2nd item in QA Report 163 as Medium risk. The relevant finding follows: … Users' funds can become locked in the contract In the withdraw function in ConvexStakingWrapper there's a call to MasterChef's withdraw funciton which uses the safeConcurTransfer functi...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/19 12:0 a.m.15 views

Incorrect erc20 interface

Handle 0v3rf10w Vulnerability details Impact Incorrect return values for ERC20 functions results in failure when interacting with other contract , as the return value is missing. Proof of Concept ApproveLike contracts/L1/gateway/L1Migrator.sol67-69 has incorrect ERC20 function...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/19 12:0 a.m.13 views

Incorrect erc20 interface

Handle 0v3rf10w Vulnerability details Impact Incorrect erc20 implementation can lead to failure when interacting with contarcts Proof of Concept IBridgeMinterToken contracts/token/BridgeMinter.sol5-13 has incorrect ERC20 function interface:IBridgeMinterToken.transferaddress,uint256...

7AI score
Exploits0
Rows per page
Query Builder