CVE-2024-32644

Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Prior to 17.0.0, there is a way to mint arbitrary tokens due to the possibility to have two different states not in sync during the execution of a transaction. The exploit ...

Reentrancy Attack Vulnerability in StablecoinBridge Contract

Lines of code Vulnerability details Impact The vulnerability can potentially drain the funds of the contract by allowing an attacker to repeatedly call the mint or burn functions and re-enter the mintInternal or burnInternal functions before they complete. Proof of Concept To deploy the...

LineLib.sendOutTokenOrETH() may not be compatible with contract receiver because of use of transfer()

Lines of code Vulnerability details Impact LineLib.sendOutTokenOrETH may revert when its receiver is a contract, preventing it from receiving ETH, and thus from much of the functionality of the protocol. Proof of Concept LineLib.sendOutTokenOrETH is as follows. / @notice - Send ETH or ERC20 token...

Reentrancy in withdrawGovernanceAsset

Handle 0x1f8b Vulnerability details Impact The method withdrawGovernanceAsset it's vulnerable to reentrancy attacks. Proof of Concept The method FlashGovernanceArbiter.withdrawGovernanceAsset it's vulnerable to reentrancy attacks because the flag stored in pendingFlashDecision it's deleted AFTER...

CVE-2018-17877

CVE-2018-17877 concerns a lottery Smart Contract for Greedy 599 (Ethereum). The vulnerability: the contract generates a random value that is predictable through an external contract call. The developer attempted to prevent malicious contracts with extcodesize(), but an attacker can bypass this by...

CVE-2018-17877

A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a random value that is predictable via an external contract call. The developer used the extcodesize function to prevent a malicious contract from being called, but the attacker can bypass it by writing t...