Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/12/08 12:0 a.m.19 views

Multiple re-entrancy issues allowing stealing of funds and bypassing protocol mint limits

Lines of code Vulnerability details Impact Multiple re-entrancy issues exist in the codebase, that break core functionality and allow stealing of user funds. In AuctionDemo.sol contract re-entrancy in cancelBid and cancelAllBids allows stealing of user funds. There are multiple attack surfaces,...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.10 views

Governance Token limit can be massively increased due to uninitialised lastEvent variable

Lines of code Vulnerability details Impact Due to insufficient checks in the executeInflationRateUpdate in the Minter contract, the limit on tokens that can be minted is massively increased. As lastEvent is uninitialised and equal to 0 by default, in the first line of executeInflationRateUpdate,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/01 12:0 a.m.12 views

deposit function of VeAssetDepositor.sol will be failed if stakeAddress is set.

Lines of code Vulnerability details Impact Wrong contract variable is used, so transaction cannot be executed. Proof of Concept This line is trying to call ERC20 function from minter contract. The minter is not ERC20 token, and does not have safeApprove function. So this will revert transaction...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/30 12:0 a.m.9 views

funds related to one cycle will be locked and lost if update_period() of Minter contract has not been called in a cycle

Lines of code Vulnerability details Impact updateperiod calculates emissions of current cycle and transfer them. but if in one cycle this function is not called then for that cycle emissions wouldn't get calculated and distributed because updateperiod can only do this logic for current cycle not...

7AI score
Exploits0
Rows per page
Query Builder