Lucene search
K

5 matches found

Code423n4
Code423n4
added 2022/09/08 12:0 a.m.14 views

Lack of minimal sufficient liquidity check can result in unreliable prices

Lines of code Vulnerability details function getPriceCantoaddress token internal view returnsuint erc20 token = erc20token; address pair = pairForaddresswcanto, addresstoken, false; if !isPairpair return 0; // this pair does not exist with Canto uint decimals = 10 token.decimals; // get decimals ...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.9 views

Blocking of Legitimate Liquidation

Lines of code Vulnerability details Issue: removeCollateral calculates whether liquidation is allowed via requirerate.mulloanParams.ltvBPS / BPS amount, "NFT is still valued";. An arbitrarily high ltvBPS will effectively bypass the oracle price and block liquidation. Consequences: A malicious...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/28 12:0 a.m.11 views

Unsecure oracle price

Handle 0x1f8b Vulnerability details Impact The oracle price use an unsecure calculation. Proof of Concept The contract Cvx3CrvOracle use the min price of dai, usdt and usdt instead of the average, so if an attacker is able to compromise the oracle end point, and change one of them, the contract...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/15 12:0 a.m.8 views

withdrawTo Does Not Sync Before Checking A Position's Margin Requirements

Handle leastwood Vulnerability details Impact The maintenanceInvariant modifier in Collateral aims to check if a user meets the margin requirements to withdraw collateral by checking its current and next maintenance. maintenanceInvariant inevitably calls AccountPosition.maintenance which uses the...

7AI score
Exploits0
OSV
OSV
added 2020/04/15 2:15 p.m.5 views

CVE-2020-2942

Vulnerability in the Oracle Financial Services Price Creation and Discovery product of Oracle Financial Services Applications component: User Interface. The supported version that is affected is 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

7.1CVSS7.1AI score0.01051EPSS
Exploits0References1
Rows per page
Query Builder