28 matches found
LinearBondingCurve.log2 function contains an incorrect shift operation that could lead to wrong calculation.
Lines of code Vulnerability details Impact The values in the shift operation are reversed. The provided inline assembly code for the log2 function appears to be an issue in the sequence of shift operations. Let's break down the relevant part of the code: r := or r, byte and0x1f, shrshrr, x,...
eth is being sent to an arbitrary user
Lines of code Vulnerability details Impact unauthorized access to this function could lead to unauthorized balance modifications Dangerous calls: ā jbxTerminal.addToBalanceOfvalue: data.amount.valuedata.projectId,data.amount.value,JBTokens.ETH,,new bytes0 Tools Used Slither Analysis Recommended...
Use of timestamp for comparisons
Lines of code Vulnerability details Impact The timestamp in use can be manipulated causing a logic bug in the checks performed Proof of Concept Tools Used slither Recommended Mitigation Steps use random number generation --- The text was updated successfully, but these errors were encountered: Al...
Missing 0 address check
Lines of code Vulnerability details Impact A 0 address can be used here an transaction will not revert loosing funds Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. The Function alone doesn't...
Return value unchecked - leads to privilege escalation
Lines of code Vulnerability details Impact The application doesn't check the return value of isGrantes properly Proof of Concept no check on the return value only exception handled Tools Used slither Recommended Mitigation Steps check the return value or force it for the implementing class --- Th...
Reentrancy in staking function exit
Lines of code Vulnerability details Impact The user on calling exit calls the updateReward function twice. Proof of Concept First entry is in function withdraw burn Calling the Hook beforeTokenTransfer Which in turn calls updateReward Second Entry getReward call updateReward directly Tools Used...
when the 'v' value from a signature is 0, checkSignatures function can be tricked
Lines of code Vulnerability details Impact when the v value of a signature is = 0, the 'checkSignatures' in entryPoint function doesn't check if the signer is the owner of the wallet and assumes that it is from a contract, a malicious party could craft a signature with the v value = 0, and...
Ignored return value from "IERC20.transferFrom()"
Lines of code Vulnerability details Impact The return value from IERC20.transferFrom in "StableVault" was not checked, a malicious actor could first deposit a number of tokens without actually having it and then subsequently withdraw that amount of tokens from the "StableVault" Proof of Concept...
finalise() lacks authenticate calls to this method as anyone can access it.
Lines of code Vulnerability details Impact Unprotected call to a function sending Ether to an arbitrary address. This can be exploited by attackers . Proof of Concept function finalize public Sale memory temp = sale; requireblock.number = temp.endTime, "TOO SOON";...
divide-before-multiply in JBTiered721DelegateStore
Lines of code Vulnerability details Impact Performing multiplication before division can sometimes avoid loss of precision. The calculation of return numberReservedTokensMintable - reserveTokensMinted; results in granting a slightly higher value on each call. Proof of Concept Slither Command...
Incorrect Shift Operation
Lines of code Vulnerability details Impact There is an incorrect left shift operation in . The shift operation shl64, 1 would result in a value not equivalent to uint64 cast instead of value of 264 A left shift operation, x y is equivalent to the mathematical expression x 2y Proof of Concept...
Unchecked Transfer
Lines of code Vulnerability details High Severity - Unchecked Transfer Line 167 of Vault.sol has an unchecked Transfer. Reference and recommendation from slither. Tools Used: Slither --- The text was updated successfully, but these errors were encountered: All reactions...
Unused Return
Lines of code Vulnerability details Impact Configuration Check: unused-return Severity: Medium Confidence: Medium Description: The return value of this external call is not stored in a local or state variable. Unused return values of function calls are indicative of programmer errors which may ha...
Reentrancy in contracts/BorrowerOperations.sol
Handle heiho1 Vulnerability details Impact There are several potential re-entrant functions in contracts/BorrowerOperations.sol: = Function addColl on line 346 is potentially re-entrant as it is external but has no re-entrancy guard declared. This function invokes adjustTrove which potentially...
divide-before-multiply
Handle 0v3rf10w Vulnerability details Impact divide-before-multiply can lead to miscalculation of fees in below function Proof of Concept Vulnerable Function : Basket.handleFeesuint256 Basket.sol133-153 : uint256 feePct = timeDiff licenseFee / ONEYEAR; uint256 fee = startSupply feePct / BASE -...
Unchecked low level calls
Handle Reigada Vulnerability details Impact The return value of these low-level calls are not checked, so if the call fails, the Ether will be locked in the contract. Setting the risk as medium as the smart contract has no function to withdraw the Ether. This Ether would remain stuck in the...
Unchecked ERC20 transfer calls
Handle loop Vulnerability details ERC20 transfer and transferFrom calls normally return true on a succesful transfer. In DutchAuctionLiquidator the call asset.transfermsg.sender, collateral; is made. asset refers to whichever ERC20 asset is used for the vault of that auction. If asset is an ERC20...
[Gov.sol] Ignoring the return value of function _token.approve(...)
Handle eriksal1217 Vulnerability details Impact Medium Risk vulnerability - This does not immediately affect the contract, tokens, or funds associated but could have negative effects in regards to how the contract behaves when executing this functionality. Proof of Concept According to Slither...
Router.addDividend(address,uint256) has potentially unsafe arithmetic
Handle heiho1 Vulnerability details Impact Router.addDividendaddress,uint256 has potentially unsafe division before multiplication. This could lead to truncation. Proof of Concept Tools Used Slither Recommended Mitigation Steps Potentially this issue is mitigated by recent Solidity changes to...
Router.zapLiquidity(uint256,address,address) has unchecked transfers
Handle heiho1 Vulnerability details Impact Router.zapLiquidityuint256,address,address has unchecked transfers on lines 65, 67 and 69. Several tokens do not revert in case of failure and return false. If one of these tokens is used in Router, deposit will not revert if the transfer fails, and an...