Lucene search
+L

8 matches found

Code423n4
Code423n4
added 2023/10/30 12:0 a.m.10 views

precision issue EthenaMinting:mint() allows users to steal fund.

Lines of code Vulnerability details Impact In the EthenaMinting:mint function of the contract, a call is made to the transferCollateral function. This function calculates the transfer amount using the formula uint256 amountToTransfer = amount ratiosi / 10000;. However, it does not account for...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.11 views

ZERO TRUNCATION COULD LEAD TO UNEXPECTED RESULTS

Lines of code Vulnerability details Impact Precision issue leading to zero truncation due to numerator smaller than denominator in a ratio or a division happens readily in Solidity if extra cares have not been given to it. Arithmetic operations running into this incident are typically associated...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.14 views

ERC4626 vault shares can be maliciously inflated

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The price of ERC4626 vault shares can be maliciously inflated during the first deposit, leading to the loss of assets for next depositors Proof of Concept Provide direct links to all referenced code in...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.21 views

First ERC4626 deposit can break share calculation

Lines of code Vulnerability details Impact ERC4626 vault share price can be maliciously inflated on the initial deposit, leading to the next depositor losing assets due to precision issues. Proof of Concept The first depositor of an ERC4626 vault can maliciously manipulate the share price by...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.34 views

First ERC4626 deposit can break share calculation

Lines of code Vulnerability details Impact The first depositor of an ERC4626 vault can maliciously manipulate the share price by depositing the lowest possible amount 1 wei of liquidity and then artificially inflating ERC4626.totalAssets. This can inflate the base share price as high as 1:1e18...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/02 12:0 a.m.9 views

attacker or user can take advantage of percsion error and effect staking

Lines of code Vulnerability details uint256 unlockAt = block.timestamp + maxTime; unlock uninweeks can have precision issues because no floating point variables in solidity so if unlockat is 10.32 is 10 /week 3 it will 3 3 =9 instead of almost 4 weeks so users can unlock before the time they...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.11 views

Initial yVault deposit with amount=1 wei causes very expensive share price leading to precision errors and loss of funds

Lines of code Vulnerability details Impact The first depositor into yVault is able to maliciously manipulate the share price by depositing the lowest possible amount 1 wei and then artificially blowing up the yVault token balance. Following depositors will loose their deposited funds due to...

6.8AI score
Exploits0
OSV
OSV
added 2015/07/30 4:48 p.m.6 views

USN-2698-1 sqlite3 vulnerabilities

It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2013-7443 Michal Zalewski...

7.5CVSS7AI score0.05684EPSS
Exploits1References5
Rows per page
Query Builder