Lucene search
K

117 matches found

Code423n4
Code423n4
added 2022/05/15 12:0 a.m.12 views

Withdrawing ETH collateral with max uint256 amount value reverts transaction

Lines of code Vulnerability details Impact Withdrawing ETH collateral via the withdrawCollateral function using typeuint256.max for the amount parameter reverts the transaction due to asset being the zero-address and IERC20Detailedasset.decimals not working for native ETH. Proof of Concept...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.19 views

PermissionlessBasicPoolFactory.sol Does Not Support Reward Tokens With Decimals Other Than 18

Lines of code Vulnerability details Impact The PermissionlessBasicPoolFactory.sol contract allows anyone to add staking pools which users can participate in to earn reward tokens. Pools are segregated to ensure malicious pools cannot siphon tokens from honest pools. Upon the addition of a new poo...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.13 views

Tokens having more than 18 decimals are not supported

Originally submitted by warden pauliax in 173, duplicate of 49. Tokens having more than 18 decimals are not supported, the calculation will revert here: function decimalMultiplieraddress token internal view returns uint256 return 1018 - IERC20Fulltoken.decimals; --- The text was updated...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.9 views

PermissionlessBasicPoolFactory use hard coded decimals of 18

Lines of code Vulnerability details Once reward/deposit tokens decimals differ from 18 the calculations with a hard coded 1e18 will become grossly incorrect. This will lead either to receiving no rewards: say deposit is USDC with decimals of 6, being divided by 1e18 it adds 1e-12 to the rewards...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.11 views

PermissionlessBasicPoolFactory.sol Does Not Support Reward Tokens With Decimals Other Than 18

Lines of code Vulnerability details Impact The PermissionlessBasicPoolFactory.sol contract allows anyone to add staking pools which users can participate in to earn reward tokens. Pools are segregated to ensure malicious pools cannot siphon tokens from honest pools. Upon the addition of a new poo...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.8 views

Reliance on ERC20Upgradable.decimals() will always return 18 despite actual token decimals

Lines of code Vulnerability details Impact A call to ERC20UpgradeabletokenIn.decimals is used in the getAmountOut function of KnightingRound.sol to determine how much citadel to provide to the user for the given amount of tokenIn. The issue with using ERC20Upgradeable.decimals is that it always...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.9 views

Economic calculation may not be precise enough

Lines of code Vulnerability details In Funding.sol, the assetDecimalsNormalizationValue is set to 10 asset.decimals, later it is used to determine home many token units there are per one asset token in human representation. Firstly, this may be highly dangerous as .decimals return value isn't sai...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.16 views

Wrong calculation for yVault price per share if decimals != 18

Lines of code Vulnerability details The yVault.getPricePerFullShare function calculates the price per share by multiplying with 1e18 token decimals with the assumption that the underlying token always has 18 decimals. yVault has the same amount of decimals as it's underlying token see...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.14 views

New YVault depositors can be attacked by depressing share decimals

Lines of code Vulnerability details Impact An attacker can become the first depositor for a recently created YVault contract, providing a tiny amount of token by calling deposit1 raw values here, 1 is 1 wei, 1e18 is 1 token if it is 18 decimals. Then the attacker can directly transfer, for exampl...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/04/06 12:0 a.m.8 views

NonCustodialPSM's _getMintAmountOut and _getRedeemAmountOut don't account for underlyingToken decimals

Lines of code Vulnerability details Impact getMintAmountOut and getRedeemAmountOut are used to convert stablecoin amount to VOLT amount and back with the help of Oracle feed price. As stablecoin decimals differ both functions that do not scale the results accordingly will become grossly incorrect...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.10 views

Reward calculations can be rendered to zero due to the lack of precision

Lines of code Vulnerability details Impact On a combination of high enough token value and low enough decimals there can be not enough precision to store reward amount, which can be permanently hid from a user as a result. I.e. on such a combination there will effectively be no rewards for some...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.11 views

Reward and base token decimals difference isn't accounted for in LiquidityFarming

Lines of code Vulnerability details Impact Reward and base token decimals can differ, while this difference isn't accounted for in the reward amount calculations, which will lead to either missing rewards or sending the whole rewards balance to the first eligible user. For example: If reward is...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/27 12:0 a.m.8 views

Wrong token allocation computation for token decimals != 18 if floor price not reached

Handle cmichel Vulnerability details In LaunchEvent.createPair, when the floor price is not reached floorPrice wavaxReserve 1e18 / tokenAllocated, the tokens to be sent to the pool are lowered to match the raised WAVAX at the floor price. Note that the floorPrice is supposed to have a precision o...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/01/02 12:15 a.m.7 views

CVE-2022-22293

admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAINMAXDECIMALSTOT parameter...

5.4CVSS6AI score0.00744EPSS
Exploits1References3
OSV
OSV
added 2022/01/02 12:15 a.m.4 views

UBUNTU-CVE-2022-22293

admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAINMAXDECIMALSTOT parameter...

5.4CVSS6AI score0.00744EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/01/01 12:0 a.m.3 views

PT-2022-15338 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 7.0.2 Description: The issue allows HTML injection, as demonstrated by the MAIN MAX DECIMALS TOT parameter in the "admin/limits.php" endpoint. Recommendations: For Dolibarr version 7.0.2, consider restricting access to the...

5.4CVSS6.8AI score0.00744EPSS
Exploits1References13
Code423n4
Code423n4
added 2021/12/15 12:0 a.m.12 views

Yearn token <> shares conversion decimal issue

Handle cmichel Vulnerability details The yearn strategy YearnYield converts shares to tokens by doing pricePerFullShare shares / 1e18: function getTokensForSharesuint256 shares, address asset public view override returns uint256 amount if shares == 0 return 0; // @audit should divided by...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/12 12:0 a.m.13 views

Non compatile with all tokens

Handle 0x1f8b Vulnerability details Impact It could not work with all tokens. Proof of Concept The method fromTokenAmount inside the contract Token18 can't work with tokens with 0 decimals, the result of UFixed18Lib.ratio will throw and error because it will divide by zero. It's mandatory to chec...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/01 12:0 a.m.9 views

Wrong decimals returned by maltMarketPrice()

Handle gzeon Vulnerability details Impact maltMarketPrice in UniswapHandle return incorrect decimals of price when rewardDecimals maltDecimals else if rewardDecimals maltDecimals uint256 diff = maltDecimals - rewardDecimals; price = rewardReserves.mul10diff.mul10rewardDecimals.divmaltReserves;...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/01 12:0 a.m.9 views

UniswapHandler.maltMarketPrice returns wrong decimals

Handle cmichel Vulnerability details The UniswapHandler.maltMarketPrice function returns a tuple of the price and the decimals of the price. However, the returned decimals do not match the computed price for the else if rewardDecimals maltDecimals branch: else if rewardDecimals maltDecimals uint2...

6.8AI score
Exploits0
Rows per page
Query Builder