13 matches found
CVE-2024-58248
nopCommerce through 4.90.1 does not offer locking for order placement. Thus there is a race condition with duplicate redeeming of gift cards...
Temporary DOS attack on users minting and redeeming big amount using EthenaMinting.sol
Lines of code Vulnerability details Impact The users redeeming and minting using EthenaMinting.sol with a large amount can be vulnerable to DOS attack. Proof of Concept There is a limit on the max amount to redeem and mint in a block. This can be crucial to the users that are minting or redeeming...
Users may not redeem the their tranche tokens and suffer loss.
Lines of code Vulnerability details Impact In case of the stablecoin depegging, users may may not redeem the their tranche tokens and suffer loss. Proof of Concept A tranche allows multiple stablecoins to be the currencies that users can deposit to get the tranche tokens. An example would be a...
Upgraded Q -> 2 from #836 [1675451857205]
Judge has assessed an item in Issue 836 as 2 risk. The relevant finding follows: Underflow error when redeeming to 0 after minting some rewards --- The text was updated successfully, but these errors were encountered: All reactions...
Minting and redeeming will break for fully minted tiers with reserveRate != 0 and reserveRate/MaxReserveRate tokens burned
Lines of code Vulnerability details Impact Minting and redeeming become impossible Proof of Concept uint256 numberOfNonReservesMinted = storedTier.initialQuantity - storedTier.remainingQuantity - reserveTokensMinted; uint256 numerator = uint256numberOfNonReservesMinted storedTier.reservedRate;...
minter_burn_from is not used, there is no way to withdraw frxETHToken minted
Lines of code Vulnerability details Impact minterburnfrom is not used, there is no way to withdraw frxETHToken minted. frxETHToken will be worthless if it can't be redeemed. Proof of Concept // Used by minters when user redeems function minterburnfromaddress baddress, uint256 bamount public...
Mismatch in withdraw() between Yearn and other protocols can prevent Users from redeeming zcTokens and permanently lock funds
Lines of code Vulnerability details Impact As defined in the docs for Euler, ERC4626, Compound and Aave, when withdrawing and depositing funds the amount specified corresponds excactly to how many of the underlying assets are deposited or withdrawn. However, as specified by Yearn, the yearn...
Illuminate PT redeeming do not return underlying to a user
Lines of code Vulnerability details In the second step of two step redeeming process, the underlying funds should be located in the Redeemer contract as external system burned the shares the Redeemer obtained from the Lender contract and returned underlying to Redeemer. Then Redeemer's Illuminate...
Vault.balance() mixes normalized and standard amounts
Handle cmichel Vulnerability details The Vault.balance function uses the balanceOfThis function which scales "normalizes" all balances to 18 decimals. for uint8 i; i tokens.length; i++ address token = tokensi; // everything is padded to 18 decimals balance = balance.addnormalizeDecimalstoken,...
ambiguous transferFrom
Handle jonah1005 Vulnerability details Impact In function redeemToken, it uses transferFrom instead of transfer. It might stop users from redeeming tokens. Proof of Concept Tools Used None Recommended Mitigation Steps Use safeTransfer instead. --- The text was updated successfully, but these erro...
User could lose underlying tokens when redeeming from the IdleYieldSource
Handle shw Vulnerability details Impact This submission is to clarify that the previous submission is invalid Proof of Concept At line 131 of IdleYieldSource, the use of the variable redeemedShare is correct since the input parameter of redeemIdleToken should be the amount of IdleTokens instead o...
erc1155 are redeemed one by one
Handle paulius.eth Vulnerability details Impact When depositing erc1155s amounts array is used and tokens are sent in bulk safeBatchTransferFrom, however, when redeeming it iterates over the amount and redeems it one by one. It is not convenient when the amount is large. Let's say I deposited 100...
phpyun v3.2 (20141226) 两处注入。
简要描述: 最近更新日期(2014-12-26) 又更新了, 麻烦别再给5rank了 20走起可好。 一处是新的 一处算是绕过补丁了。 之前还有一两个没打补丁哦 加快速度把。 详细说明: 第一处 新发现的在兑换奖品的时候 在model/redeem.class.php中 function dhaction $this-publicaction; if!$this-uid && !$this-username $this-obj-ACTlayermsg"您还没有登录,请先登录!",8,$SERVER'HTTPREFERER'; if$POST'submit'...