Lucene search
K

6 matches found

Code423n4
Code423n4
added 2023/05/15 12:0 a.m.6 views

Bad debt bidders’ funds are locked forever when Shortfall address is changed during ongoing debt auction

Lines of code Vulnerability details Vulnerability Details When the protocol accrues bad debt, it can be auctioned off to anyone who is willing to pay. Each user wanting to participate in the auction has to lock their bid in Shortfall contract: function placeBidaddress comptroller, uint256 bidBps...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.13 views

Division by zero error causes KangarooVault to be DoS with funds locked inside

Lines of code Vulnerability details KangarooVault can be DoS with funds locked in the contract due to a division by zero error in getTokenPrice as it does not handle the scenario where getTotalSupply is zero. Impact Funds will be locked within the KangarooVault as shown in the PoC below and it is...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.15 views

Admin should be able to refund or redeem the sanctioned users

Lines of code Vulnerability details Impact Sanctioned user's funds are locked Proof of Concept It is understood that the sanctioned users can not mint nor redeem because the functions requestMint and requestRedemption are protected by the modifier checkKYC. And it is also understood that the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/18 12:0 a.m.8 views

Operator may be removed without checking whether are there fund locked in that operator.

Lines of code Vulnerability details Impact Operator may be removed without checking whether are there fund locked in that operator. Locked fund may not be able to withdraw unless operator is being added back. Proof of Concept /// @inheritdoc INestedFactory function removeOperatorbytes32 operator...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/24 12:0 a.m.5 views

AuraClaimZap may transfer CVX tokens to itself which become locked in the contract

Lines of code Vulnerability details Impact During AuraClaimZap.claimExtras if the option LockCvx is set to false then the contract will transfer CVX tokens from the msg.sender to this contract without forwarding them on to the user. There is no way to retrieve these funds from the protocol and...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.9 views

Owner of the PoolAddressesProviderRegistry Contract Can Update the Pool Address and Effectively Lock Deposited Funds by Preventing All Withdrawals

Lines of code Vulnerability details Impact The owner of the PoolAddressesProviderRegistry contract is able to register and unregister providers as they see fit. Because AaveV3YieldSource.sol dynamically queries the Aave pool through this contract, it is possible for the owner of this Aave contrac...

7AI score
Exploits0
Rows per page
Query Builder