Lucene search
K

9 matches found

Code423n4
Code423n4
added 2023/08/04 12:0 a.m.6 views

Malicious user can drain the Singularity contract of it's liquidity

Lines of code Vulnerability details Impact The SGLCollateral contract has functionality to allow users to remove and add collateral for the Singularity market. The addCollateral function accepts a skim parameter that, if defined as true, will cause the internal addTokens function to assert that t...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.6 views

In the BaseTOFT, removeCollateral(), any marketHelper can be specified, allowing all the ETH to be stolen from a mTapiocaOFT with ETH as erc

Lines of code Vulnerability details Impact All the ETH in mTapiocaOFT can be stolen, which is relevant when the underlying asset erc is ETH. Proof of Concept mTapiocaOFT allows removing collateral from Singularity through a cross chain call, but the address of the MarketHelper is not validated. T...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.7 views

TOFT in (m)TapiocaOft contracts can be stolen by calling removeCollateral() with a malicious removeParams.market

Lines of code Vulnerability details Impact The TOFT available in the TapiocaOFT contract can be stolen when calling removeCollateral with a malicious market. Proof of Concept mTapiocaOFT inherit BaseTOFT, which has a function removeCollateral that accepts a market address as an argument. This...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/26 12:0 a.m.9 views

Upgraded Q -> 3 from #88 [1679874652791]

Judge has assessed an item in Issue 88 as 3 risk. The relevant finding follows: L-3 KangarooVault.removeCollateral doesn't remove the collateral from the position --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/21 12:0 a.m.9 views

PaprController.removeCollateral() only takes the price of the first collateral to determine whether the NFTs can be withdrawn

Lines of code Vulnerability details Impact Unintended leniency of protocol will be taken advantage by users. Users can withdraw NFTs even if their debt of a particular NFT is higher than intended. Proof of Concept When a user wants to removeCollateral, he calls removeCollateral which loops each...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/20 12:0 a.m.10 views

Stealing fund by applying reentrancy attack on removeCollateral, startLiquidationAuction, and purchaseLiquidationAuctionNFT

Lines of code Vulnerability details Impact By applying reentrancy attack involving the functions removeCollateral, startLiquidationAuction, and purchaseLiquidationAuctionNFT, an Attacker can steal large amount of fund. Proof of Concept Bob a malicious user deploys a contract to apply the attack...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.17 views

Able to remove all collateral after borrow

Lines of code Vulnerability details Assuming to borrow asset tokens from a pair contract a user must first deposit collateral tokens. After they deposit collateral tokens their userCollateralBalance increases and they can then call borrowAsset to receive asset tokens from the contract. The...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/05/20 12:0 a.m.4 views

The bool return value of variable success is not checked/handled in removeCollateral() of NFTPairWithOracle.sol

Adding this issue from 77 which highlights a high-risk issue dupe of 21 --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.11 views

Lender can adjust ltvBPS and instantly sieze collateral

Lines of code Vulnerability details Impact After the loan is accepted and is in the LOANOUTSTANDING phase, updateLoanParams allows the lender to update the TokenLoanParams.ltvBPS parameter. The require check allows for the parameters to change as long as they are favorable for the borrower, but...

6.7AI score
Exploits0
Rows per page
Query Builder