MISSING INPUT CHECK WHEN SETTING NEW **QuorumCoefficient**
Lines of code Vulnerability details Impact In the setQuorumCoefficient , setDynamicQuorumParams functions when the admin sets a new QuorumCoefficient, there is no check on the newQuorumCoefficient parameter which means that a wrong QuorumCoefficient could be set either being very big or very smal...
There is no validation of DynamicQuorumParams.quorumCoefficient.
Lines of code Vulnerability details Impact There is no validation of DynamicQuorumParams.quorumCoefficient and any value can be used during this calculation. Proof of Concept As we can see from the comment, quorumCoefficient should be an integer with 6 decimals but there is no require for this...
Chainlink oracle data feed is not further validated and can return stale answer
Lines of code Vulnerability details Impact Although the protocol recognizes that Chainlink oracles can provide outdated answers, using stale answers without further validation might not be a good practice. Moreover, in the updateExchangeRate function, where the latestRoundData method is used, the...
Some tokens may break VotingScrow contract in transfer and transferFrom functions
Lines of code Vulnerability details Some ERC20 tokens such as USDT don't return boolean values from transfer and transferFrom methods. The require checks will therefore revert, causing the functions to be unusable. Impact This would prevent withdraw and createLock functions t...
Unchecked Call Return Value
Lines of code Vulnerability details Impact The return value of a message call is not checked. Execution will resume even if the called contract throws an exception. If the call fails accidentally or an attacker forces the call to fail, this may cause unexpected behaviour in the subsequent program...
Anyone can create disputes if contractor is not set
Lines of code Vulnerability details Impact Disputes enable an actor to arbitrate & potentially enforce requested state changes. However, the current implementation does not properly implement authorization, thus anyone is able to create disputes and spam the system with invalid disputes. Proof of...
CVE-2022-34769
Michlol - rashim web interface Insecure direct object references (IDOR). First of all, the attacker needs to log in. After he logs into the system there are some functionalities that the specific user is not allowed to perform. However, all the attacker needs to do in order to achieve his goa...
Use safetransfer/safetransferFrom consistently instead of transfer/transferFrom
Lines of code Vulnerability details Impact It is good practice to add a require statement that checks the return value of token transfers, or to use OpenZeppelin's safeTransfer / safeTransferFrom, to ensure the transfer reverts on failure. Failure to do so will cause silent failures of transfer and affec...
MAL-2022-5756 Malicious code in require-jq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7305f50f59db220bfc80a952ab5be573b7d70d3889f37f817d3ef9af46c3c66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in require-jq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7305f50f59db220bfc80a952ab5be573b7d70d3889f37f817d3ef9af46c3c66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Caller can receive liquidatorCut without transferring underlying when calling payBase()
Lines of code Vulnerability details Impact If baseJoin's available balance is greater than the caller's amount, no underlying will be transferred but the caller still gets liquidatorCut. This may also negatively impact the accounting since it's updated under the assumption that the caller will transfer...
Unsafe _price cast
Lines of code Vulnerability details Impact The price provided by chainlink AggregatorV3 could be negative; if that happened, the cast of the price goes high, for example, casting -1 to uint256 yields 2^256 - 1. Proof of Concept return uint256(price).adjustDecimals(feedDecimals, decimals); Tools Used Manual...
GovernorBravoDelegate.sol _initiate() can be called multiple times
Lines of code Vulnerability details Submitting as med risk because documentation inside functions shows that require is there for the purpose of preventing it being called again but is not working correctly, and since we do not have access to the timelock code I cannot fully assess the impact...
Upgraded Q -> H from 215 [1656255310294]
Judge has assessed an item in Issue 215 as High risk. The relevant finding follows: L-09 wfCashERC4626 contract does not conform to EIP4626 Description The wfCashERC4626 contract implements the EIP4626 standard EIP-4626: Tokenized Vault Standard. However, according to EIP4626, the below-mentioned...
No check for set with address(0)
Lines of code Vulnerability details Impact Can mint and get approval from address 0. Proof of Concept function setMarketPlace(address m) external authorized(admin) returns (bool) { if (marketPlace != address(0)) revert Exists(marketPlace); marketPlace = m; return true; } Tools Used None Recommended Mitigation Ste...
Malicious Package
Overview require-jq is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Overpaying ETH in InfinityExchange
Lines of code Vulnerability details Impact A user of the InfinityExchange contract can accidentally send more ETH than needed without the possibility to get the overpaid amount refunded. Proof of Concept if (isMakerSeller && currency == address(0)) require(msg.value >= totalPrice, 'invalid total price')...
User can pay a lot of money without getting his tokens
Lines of code Vulnerability details lockveasset function: the lockveasset function should do some transfer, but if that doesn't happen then the user can lose a lot of money; and if incentiveveasset is 0, because the check is 0 the if statement will not pass and the minting will not happen and you're not goin...
require statement for a very important call to a contract never gets called
Lines of code Vulnerability details Impact (bool sent, bytes memory data) = address(to).call{value: receivedETHAmount}(''); return receivedETHAmount; The require statement is never reached. This can be a failed call that goes unnoticed, causing the function to go on with the desired outcome / the return ends the...
Wrong order of return and require
Lines of code Vulnerability details Impact It should check require before return, but the withdrawFromYieldPool function just returns before require, resulting in not checking the result of the call; users may lose their collateral. Proof of Concept The withdrawFromYieldPool function in LidoVault.sol:...