242 matches found

Code423n4
• added 2023/03/30 12:00 a.m. • 11 views

Reth flashloan attack

Lines of code Vulnerability details Impact Using a flashloan to manipulate rETH/ETH price a hacker can receive more SafEth shares for the same amount of ether, thus draining all three derivative contracts rETH, SfrxEth and WstEth. Proof of Concept Reth.poolPrice depends on UniswapV3 pool.slot0...

AI score: 6.6
Exploits: 0

Code423n4
• added 2023/03/30 12:00 a.m. • 9 views

Derivative Pool Issue can Lead to Loss User Funds when Unstaking

Lines of code Vulnerability details Impact In all withdraw functions of derivatives, there is no check for sending zero Ether back to the safEth contract. It is important to note that the address(msg.sender).call{value: 0}("") function returns true even when transferring a zero value. On the other hand...

AI score: 6.7
Exploits: 0

The Hacker News
• added 2023/03/29 9:17 a.m. • 39 views

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware

Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors ... can be silent for years, show no network activity or any other signs of presence...

AI score: 6.4
Exploits: 0

Code423n4
• added 2023/03/19 12:00 a.m. • 7 views

Underflow if enough amount is sent to the contract

Lines of code Vulnerability details Impact In function withdraw function withdrawaddress l1Receiver external payable override uint256 amount = msg.value; // Silent burning of the ether unchecked balanceaddressthis -= amount; totalSupply -= amount; they are using unchecked to decrease balances. Th...

AI score: 6.8
Exploits: 0

Code423n4
• added 2023/02/03 12:00 a.m. • 11 views

Reentrancy in callBatched

Lines of code Vulnerability details Proof of Concept The Caller contract implements callBatched function in order to execute a batch of calls within one call. The function has payable declaration to be able to send ETH inside the call. The NATSPEC is also provided in parallel; /// @notice Execute...

AI score: 7.1
Exploits: 0

Code423n4
• added 2023/02/02 12:00 a.m. • 13 views

Solmate's safeTransfer can result in failed transfer with low level call and won't revert as it does not check the codesize of to address, which may lead to loss of funds

Lines of code Vulnerability details The following contract use solmate's SafeTransferLib : solmate/utils/SafeTransferLib.sol Solmate's safeTransfer / safeTransferFrom uses inline assembly call to transfer ether from contract to receiver. According to Solidity Docs the call may return true even if...

AI score: 6.9
Exploits: 0

Code423n4
• added 2023/02/01 12:00 a.m. • 11 views

Unprotected Ether Withdrawal

Lines of code Vulnerability details Description Due to missing or insufficient access controls, malicious parties can withdraw some or all Ether from the contract account. This bug is sometimes caused by unintentionally exposing initialization functions. By wrongly naming a function intended to b...

AI score: 6.9
Exploits: 0

Code423n4
• added 2023/02/01 12:00 a.m. • 13 views

Locked Ether

Lines of code Vulnerability details Description Contract with a payable function, but without a withdrawal capacity. Impact Every Ether sent to LendgineRouter will be lost. Proof of Concept File: src/periphery/LendgineRouter.sol 142: function mintMintParams calldata params external payable...

AI score: 6.9
Exploits: 0

Code423n4
• added 2023/01/09 12:00 a.m. • 10 views

The owner's address is not declared as payable

Lines of code Vulnerability details Impact If someone sends ether to the contract, it would be highly possible that the ether could be locked forever or never withdrawn by its intended recipientOwner Proof of Concept Tools Used Manual Recommended Mitigation Steps Add "payable" keyword to the owne...

AI score: 6.8
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 9 views

Price manipulation by sending Ether

Lines of code Vulnerability details Price manipulation by sending Ether not profitable although The function Pair.price uses Pair.baseTokenReserves uses address(this).balance or ERC20(baseToken).balanceOf(address(this)). In case address(this).balance is used when address(0) is passed, there can be price...

AI score: 6.9
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 9 views

Users that send funds at a price lower than the current low bid have the funds locked

Lines of code Vulnerability details If a user contributes funds after there is no more supply left, and they don't provide a price higher than the current minimum bid, they will be unable to withdraw their funds while the NFT remains unbought. Impact Ether becomes stuck until and unless the NFT i...

AI score: 6.5
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 16 views

Funds will be lost if the contract handling the refunds are unable to handle them at the moment

Lines of code Vulnerability details The return values of low-level calls are not checked Impact If the fund transfer results in a revert on the recipient's end, e.g. due to being paused, the code will continue on as if it had been successful, and the Ether will be lost. Proof of Concept Return...

AI score: 6.9
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 9 views

Pair.sol has payable functions with no way of withdrawing that ether

Lines of code Vulnerability details Pair.sol has payable functions with no way of withdrawing that ether Summary Value is deposited on the contract using payable functions but later can't be taken out Impact Locked ether Proof of Concept Pair.adduint256,uint256,uint256 Pair.buyuint256,uint256...

AI score: 6.8
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 12 views

finalise() lacks authenticate calls to this method as anyone can access it.

Lines of code Vulnerability details Impact Unprotected call to a function sending Ether to an arbitrary address. This can be exploited by attackers . Proof of Concept function finalize public Sale memory temp = sale; requireblock.number = temp.endTime, "TOO SOON";...

AI score: 7
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 13 views

Artist will never get their payout for their NFT in FixedPrice and OpenEdition

Lines of code Vulnerability details Impact There is no logic for transferring Ether that artist gain from their NFT sales in both FixedPrice and OpenEdition contracts. For these 2 contracts there is only logic for transferring 5% fee to the protocol. Therefore, artist will gain nothing from selli...

AI score: 6.9
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 11 views

The Ether for an LPDA mint sale can be locked in the LPDA contract indefinitely

Lines of code Vulnerability details Impact After a mint sale using LPDA, all the Ether can be locked in the LPDA contract indefinitely. Proof of Concept In the src/minters/ contracts, the .transfer function is used for sending Ether. It is used for sending fees to the feeReceiver, and in the...

AI score: 6.7
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 7 views

Denial of Service at the LPDA.sol contract due to not be capable of minting an id already minted.

Lines of code Vulnerability details Impact The ether earned by the creator and the fees for the platform can get frozen. Proof of Concept The only way the creator can get out the ether earned by the sale and also the platform to get the fees is by the next code snippet from the buy function at th...

AI score: 7
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 9 views

Ether can be lost in LPDA contract if sale.dropPerSecond is set improperly

Lines of code Vulnerability details Impact Function createLPDASale requires only sale.dropPerSecond 0 but if sale.dropPerSecond sale.startPrice / sale.endTime - sale.startTime function getPrice will revert except the case when all editions are sold before reaching negative price. Therefore, the b...

AI score: 6.7
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 5 views

Buy can be executed after sale end

Lines of code Vulnerability details Impact In LPDA.sol buy function when all tokens are minted, the final price is set and the ether from the sale and fee is sent to the saleReceiver and feeReceiver addresses. Since there is no check to validate if sale has ended the function can be executed with...

AI score: 7
Exploits: 0

Code423n4
• added 2022/11/17 12:00 a.m. • 10 views

Upgraded Q -> M from #164 [1668687728737]

Judge has assessed an item in Issue 164 as M risk. The relevant finding follows: 01 Lack of check if dust ether transfer is successful...

AI score: 7
Exploits: 0