Lucene search
+L

5 matches found

Code423n4
Code423n4
added 2023/05/15 12:0 a.m.10 views

PLACEBID() IN SHORTFALL.SOL MAY LEAD TO DENIAL OF SERVICE AND FRONT RUNNING ATTACKS

Lines of code Vulnerability details Impact The Shortfall.placeBid function in the Venus protocol exhibits potential vulnerabilities that may lead to denial-of-service DoS and front-running attacks. A malicious actor could exploit these vulnerabilities to disrupt the auction process, manipulate...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.8 views

ProfilePicture subprotocol is immutably linked by subprotocolName to the CID protocol

Lines of code Vulnerability details Impact Besides having to re-register the protocol, it will also have to be redeployed. Proof of Concept A protocol is registered by name in the SubprotocolRegistry. Quoting the Canto Identity Protocol contest details: "In theory, someone can front-run a call to...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/13 12:0 a.m.13 views

Public to all funds escape

Lines of code Vulnerability details Description The LooksRareAggregator smart contract implements a bunch of functions to escape funds by the contract owner see rescueETH, rescueERC20, rescueERC721, and rescueERC1155. In this way, any funds that were accidentally sent to the contract or were lock...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/12/19 12:0 a.m.6 views

Lacking slippage protection in RebalanceManagerV3

Handle p4st13r4 Vulnerability details Impact In RebalanceManagerV3 calls to UniswapV2-like router is lacking slippage protection exposing the rebalance process to front-running attacks. Proof of Concept Tools Used Editor Recommended Mitigation Steps Consider adding a minOutput to...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/08/25 12:0 a.m.6 views

Function setAmicableResolution is susceptible to front-running attacks

Handle shw Vulnerability details Impact The setAmicableResolution function in RCMarket allows the admin to override the oracle's answer. However, this function is susceptible to front-running attacks where a user could set the winning outcome to the oracle's answer before the admin's transaction ...

6.8AI score
Exploits0
Rows per page
Query Builder