4 matches found
Vyper å®å Øę¼ę“
Vyper is the Pythonic smart contract language for EVM. A security vulnerability exists in versions of Vyper prior to 0.3.8 that stems from the ability to send funds to a default function in a contract with multiple regular non-payable functions, even if the default function is marked as non-payab...
Wrong implementations in ERC4626RouterBase contract
Lines of code Vulnerability details The ERC4626RouterBase contract contains a set of functions that act as wrappers for a ERC4626 contract, providing a base periphery functionality around a ERC4626 vault. There are a number of different flaws in the wrapped implementations of mint, deposit,...
Pair.sol has payable functions with no way of withdrawing that ether
Lines of code Vulnerability details Pair.sol has payable functions with no way of withdrawing that ether Summary Value is deposited on the contract using payable functions but later can't be taken out Impact Locked ether Proof of Concept Pair.adduint256,uint256,uint256 Pair.buyuint256,uint256...
Exchange.sol has payable functions but no way of withdrawing
Lines of code Vulnerability details Exchange.sol has payable functions but no way of withdrawing Impact Functions are payable: IExchange.execute Exchange.execute Exchange.bulkExecute Exchange.execute UUPSUpgradeable.upgradeToAndCall But there is no way of withdrawing, so funds can be lost PoC But...