39 matches found
Use SafeMath for overflow protection
Lines of code Vulnerability details Unchecked math could potentially trigger overflows. Recommendation: Utilize SafeMath library for overflow safe operations. using SafeMath for uint256; function mintaddress account, uint256 amount public onlyOwner // Overflow protected totalSupply =...
Loss of precision in calculations
Lines of code Vulnerability details The use of regular division can lead to loss of precision. This could enable certain manipulations through precision attacks. Recommendation: Use SafeMath's div for integer division. Division used in parent can lead to loss of precision. Safemath usage is...
There are potential underflow and overflow issues in arithmetic operations in the _getRewardsSinceLastClaim function
Lines of code Vulnerability details Impact There are potential underflow and overflow issues in arithmetic operations. Not being able to verify that subtracting lastClaimedValue from shareDataid.shareHolderRewardsPerTokenScaled would result in a negative value. This could lead to affecting the...
Unchecked Arithmetic Allows Nonce Replay
Lines of code Vulnerability details Vulnerability details The problem is the unchecked increment operation: ++nonce.value;. When nonce.value is already at its maximum value 2^256 - 1, incrementing it will wrap around to zero due to integer overflow. This means that if an attacker sends a...
Reentrancy vulnerability in BaseUSDO._executeModule() function
Lines of code Vulnerability details Impact the success variable in the executeModule function in the BaseUSDO contract is written in both line 366 and line 369. This could potentially lead to a reentrancy vulnerability. In line 366, the success variable is set to true. In line 369, the success...
[ H ] Infinite loop in calculateNewIndex prevents tokens from being minted and rewards from being distributed
Lines of code Vulnerability details Impact Recursive calls from calculateNewIndex in MultiRewardDistributor will result in an infinite loop and out of gas errors, preventing tokens from being minted and rewards being sent to some users as disburseSupplierRewardsInternal will not be called. Proof ...
Potential Integer Underflow/Overflow: The code uses the SafeCastLib library for type conversions, but it does not handle potential underflow or overflow situations.
Lines of code Vulnerability details Impact The potential integer underflow/overflow vulnerability in the code can lead to incorrect calculations, unexpected behavior, and potential security issues. Proof of Concept In the provided code, there are a few areas where potential integer...
Potential Integer Overflow/Underflow
Lines of code Vulnerability details Impact The functions insertSDPrice and getMedianValue manipulate arrays of uint256 values without explicitly checking for integer overflow or underflow. If the array lengths or calculations exceed the maximum or minimum values of uint256, it can result in...
Integer Overflow/Underflow in function fundTreasury.
Lines of code Vulnerability details Impact fundTreasury function in the GrantFund.sol contract is vulnerable to integer overflow if the value of treasury variable is close to the maximum value of a uint256 integer, which is 2^256-1, and a large value of fundingAmount is added to it. It is possibl...
poolPrice in Reth.sol can overflow and revert
Lines of code Vulnerability details Impact To determine the value of sqrtPriceX96 that will cause an overflow, we need to analyze the calculation in the function: sqrtPriceX96 uintsqrtPriceX96 1e18 96 2 The maximum value for a uint256 is 2^256 - 1. An overflow occurs when the result of the...
Unsafe cast
Lines of code Vulnerability details Impact In AccountCodeStorage.sol we have function getCodeHash and getCodeSize Due to an insecure cast, it is possible to get an integer overflow. Solidity version 0.8.0 provide SafeMath, but casting operations are not safe and can overflow. Proof of Concept As...
Integer Overflow & Underflow
Lines of code Vulnerability details Impact In the setYieldDistributionParams function, there is a danger of underflow or overflow of functionality. Owner calls the function and sets the values to be passed as uint256 for treasurySplit, SPSplit & stakingSplit. There is no check in place to ensure...
Integer Overflow
Lines of code Vulnerability details Impact The owner of the ActivePool contract can set yield distribution parameters that do not add to the expected 10000 BPS. This would cause the rebalance function to send the incorrect number of tokens when using the splits. Proof of Concept Calling...
Integer Overflow Vulnerability in _addSplittable Function.
Lines of code Vulnerability details Impact splitsStorage.splitsStatesuserId.balancesassetId.splittable += amt; This vulnerability, if exploited, would allow an attacker to add a large amount of funds to a user's splittable balance, causing it to exceed the maximum value that the uint128 type can...
Overflow vulnerability in worstCasePrice variable.
Lines of code Vulnerability details Impact // == Economic parameters // This trade is on behalf of origin. Only origin may call settle, and the buy tokens // from this trade's auction will all eventually go to origin. address public origin; IERC20Metadata public sell; // address of token this tra...
Inadequate Maximum Orders Value in Determining Minimum Buy Amount Per Order
Lines of code Vulnerability details Impact The MAXORDERS constant is defined as a uint96, which has a maximum value of 2^96-1. This means that the maximum number of orders that the contract is able to handle is 2^96-1. However, if the number of orders exceeds this maximum value, the calculation f...
integer overflow or underflow
Lines of code Vulnerability details Impact If an integer overflow or underflow occurs in the contract, it could lead to incorrect calculations and potentially unintended consequences, such as the transfer of incorrect amounts of tokens or the allocation of incorrect amounts of rewards. This could...
Integer overflow in AdaptiveFee
Lines of code Vulnerability details Impact You have to take into account that when using a pragma lower than 0.8.X there is no compiler protection against any overflow. The method AdaptiveFee.exp is vulnerable to integer overflows. Proof of Concept Using the following recipe: x = uint256.Max g...
Possible Integer OverFlow and UnderFlow on Multiple lines of AlgebraPool.sol
Lines of code Vulnerability details There are multiple possibilities for Integer OverFlow and UnderFlow when accounting is performed on AlgebraPool Contract. The above Permalinks will highlight the raw add and sub-operations without Safe Math. Also, the contract uses a solidity version only below...
IntegerOverflow Underflow on AdaptiveFee
Lines of code Vulnerability details The AdaptiveFee uses raw calculation on all functions which are potentially vulnerable to integer Overflow and Underflow. Recommended Mitigation Steps Use Safemath library or Upgrade contract to solidity version above 0.8.0