Lucene search

5 matches found

Code423n4
added 2022/11/28 12:0 a.m., 20 views

Solmate safeTransfer and safeTransferFrom do not check the codesize of the token address, which may lead to fund loss

Lines of code. Vulnerability details: In PirexGmx.sol and ERC4626Vault.sol, the contract uses the solmate library, which does not check the existence of code at the token address. This is a known issue when using solmate's libraries. Reference. Impact: Possible loss of funds and miscalculation. Proof...

AI score: 7.2
Exploits: 0

Code423n4
added 2022/06/18 12:0 a.m., 11 views

Upgraded Q -> M from 47 [1655572104366]

Judge has assessed an item in Issue 47 as Medium risk. The relevant finding follows: 1. Unsafe use of transfer/transferFrom with IERC20. Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and...

AI score: 7.1
Exploits: 0

Code423n4
added 2021/10/06 12:0 a.m., 11 views

uToken's approve() Function is Susceptible to Frontrunning Attacks

Handle: leastwood. Vulnerability details. Impact: Order makers will call the approve function to facilitate transactions between order takers and makers. If a taker sees that a maker is seeking to reduce its order exposure by reducing Swivel.sol's allowance, a taker can frontrun this transaction to...

AI score: 7
Exploits: 0

Code423n4
added 2021/09/08 12:0 a.m., 8 views

CompoundToNotionalV2.notionalCallback ERC20 return values not checked

Handle: cmichel. Vulnerability details: Some tokens like USDT don't correctly implement the EIP20 standard and their transfer/transferFrom functions return void instead of a success boolean. Calling these functions with the correct EIP20 function signatures will always revert. S...

AI score: 6.8
Exploits: 0

Code423n4
added 2021/04/28 12:0 a.m., 8 views

ERC20 return values not checked

Handle: @cmichelio. Vulnerability details: The ERC20.transfer and ERC20.transferFrom functions return a boolean value indicating success. This parameter needs to be checked for success. Furthermore, some tokens like USDT don't correctly implement the ERC20 standard and don't...

AI score: 6.9
Exploits: 0