32 matches found
EUVD-2019-11346
Malware in sbrugna...
CVE-2019-20809
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details Impact getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified...
getAssetPrice in ChainlinkPriceOracle.sol can return stale price.
Lines of code Vulnerability details Summary On chainlink oracle for every pair of tokens price updating time is different. After that particular time the price will be updated. getAssetPrice function is not checking when the last time the price was updated. So it may return stale price . So the...
calculateAPR and estimateAPR may return invalid results
Lines of code Vulnerability details Impact The capitalForScore function in the Prime contract calculates the capital for calculation of score using a price oracle. The function is called three times inside of the contract, where only in the calculateScore is the oracle updated using the following...
Incorrect Target Amount Calculation with Different Decimals in OptionPositionManager Contract
Lines of code Vulnerability details Bug Description In the OptionPositionManager contract, at line 524, there is a calculation error in the implementation of the getTargetAmountFromOracle function. This function calculates the target amount amountB based on the prices of assets A and B obtained...
User can't redeem from RToken based on CurveStableRTokenMetapoolCollateral when any underlying collateral of paired RToken's price oracle is offline(timeout)
Lines of code Vulnerability details The CurveStableMetapoolCollateral is intended for 2-fiattoken stable metapools that involve RTokens, such as eUSD-fraxBP. The metapoolToken coin0 is pairedToken, which is also a RToken, and the coin1 is lpToken, e.g. 3CRV. And the...
Assuming a 1-1 peg of Liquid Staked Tokens like stETH and rETH to ETH is dangerous
Lines of code Vulnerability details Impact The price of ETH staking derivatives may not be pegged 1-1 to ETH which affect staking conditions. Proof of Concept To stake eth, a user calls depositBeaconChainETH. The amount parameter is passed into the addShares function. In addShares, the amount...
The compound() function is used with a fixed amountOutMinimum value
Lines of code Vulnerability details Impact The compound function helps to swap the gmxBaseReward ether for GMX tokens then the GMX tokens are deposited for pxGMX. In the swap function the amountOutMinimum helps to put the minimum value that is expected for the swap. The fixed amountOutMInimum...
MEV: Operator can bribe miner and steal honest operator's bond amount if gas price went high
Lines of code Vulnerability details Description Operators in Holograph do their job by calling executeJob with the bridged in bytes from source chain. If the primary job operator did not execute the job during his allocated block slot, he is punished by taking a single bond amount and transfer it...
setPeriodSize need check for value range
Lines of code Vulnerability details Impact If periodSize is mistakenly set too small, 0 or a small value, the price oracle might be easier to manipulate. As a consequence, multiple functionality depending on oracle price feed may lose accuracy, and even incur large fund loss. Proof of Concept The...
Hardcoded prices are subject to be abused
Lines of code Vulnerability details Impact Hardcoded prices are subject to be abused which might address the protocol being drained. Proof of Concept There are 2 possible different issues of the Lending Protocol; 1. The attack surface/risk is not originated directly through the Canto protocol but...
Frequent price update make the project vulnerable to price oracle manipulation
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Frequent price update make the project vulnerable to price oracle manipulation Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof...