369 matches found
Users can deposit() even when Chainlink's price feed for CVX is stale
Lines of code Vulnerability details Bug Description In VotiumStrategy.sol, the price of vAfEth is determined by the price function: VotiumStrategy.solL31-L33 function price external view override returns uint256 return cvxPerVotium ethPerCvxfalse / 1e18; As seen from above, it calls ethPerCVX wit...
Malicious code in solidity-tracer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adef035708c56e9f6cce417f26ec5967eaf0a0e639c18e8c140d6e92ffdaef9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8076 Malicious code in solidity-tracer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adef035708c56e9f6cce417f26ec5967eaf0a0e639c18e8c140d6e92ffdaef9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
DelegateTokenRegistryHelpers::calculateDecreasedAmount() - Comment "Assumes the decreased amount won't underflow with "amount"", but it *can* underflow given the right value for parameter decreaseAmount, and is also inside unchecked {} block.
Lines of code Vulnerability details Impact Summary: Since the affected line is inside an unchecked block, the inbuilt solidity protection functionality wont revert this function execution on underflow, therefore the max uint256 value will be returned for calculateDecreasedAmount. Not only that, b...
The code uses assembly for memory allocation, which can be complex and prone to errors.
Lines of code Vulnerability details Impact The code uses assembly for memory allocation, which can be complex and prone to errors. Inefficient memory management can lead to gas inefficiency and potential vulnerabilities. Proof of Concept The code uses assembly for memory allocation, which can be...
Protocol will fail for ERC1155 tokens
Lines of code Vulnerability details Issue DelegateTokenTransferHelpers::checkERC1155BeforePull and DelegateTokenTransferHelpers::pullERC1155AfterCheck perform "set and check" operations on erc1155Pulled.flag which will always revert. In the first function, the value of erc1155Pulled.flag is set t...
Failure to Return Value from Low-Level Call
Lines of code Vulnerability details In Solidity, the "low-level call" operation, often used with inline assembly, is a powerful tool for interacting with external contracts. However, there is a specific bug related to low-level calls that can result in unexpected behavior. Instances 1: File:...
abi.encode() function does not support dynamic arrays in Solidity version 0.8.16 or earlier.
Lines of code Vulnerability details Description The bug is in the burnAndCallAxelar function. The function uses the abi.encode function to encode the payload to send to the AxelarGateway contract. However, the abi.encode function was changed in Solidity version 0.8.17 to remove the support for...
Potential Out of Bound Error When Accessing Range Array
Lines of code Vulnerability details The code seems to be attempting to access an element of the 'ranges' array using an index calculated from the array's length minus one. However, during the deployment or initialization of the contract, if the length of 'ranges' is 1, this calculation results in...
Rounding in the unwrap function in rUSDY may cause fund loss for users.
Lines of code Vulnerability details Impact Rouding with BPSDENOMINATOR in function unwrap in rUSDY.sol may cause users to be transfered back less than expected USDY. POC The rUSDY.sol contract provides a way to wrap an amount of USDY as shares in order to gain profit in rUSDY. This is done throug...
Lose due to rounding. Use more precise library for mathematical operations
Lines of code Vulnerability details Impact The mulDivDown function, assumed to be from FixedPointMathLib, is likely designed to multiply two numbers and then divide the result, rounding down any remainders. This rounding down can result in minor discrepancies when converting between assets and...
Deployment issues with chains not compatible with Shanghai hardfork
Lines of code Vulnerability details Impact Besides issues with deployment &maintenance contracts; A Big Issues is quoted below from an audit finding... "This could also become a problem if different versions of Solidity are used to compile contracts for different chains. The differences in byteco...
Validating input parameters with the max value of uint
Lines of code Vulnerability details Impact Validating input values with uint256.max will not revert in any condition as solidity v0.8.0 reverts on overflow and underflow. Detailed description of the impact of this finding. Due to solidity v0.8.0 which reverts on overflow and underflow of integer...
ABDKMath64 performs multiplication on results of division
Lines of code Vulnerability details Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in solidity math. POC: EvolvingProteus is using ABDKMath64x64 library which is doing performing multiplication before division this can roundi...
Potential Overflow Bug in sync_ledger Function
Lines of code Vulnerability details Impact The syncledger function in the provided Solidity smart contract is vulnerable to potential overflow issues when processing a large value for the delta parameter. Depending on the magnitude of the delta value, the contract may encounter various undesired...
Failed transfer with low level call could be overlooked
Lines of code Vulnerability details Impact In LendingLedger.sol and votingEscrow.sol, low level call made using the call, According to the Solidity docs, "The low-level functions call, delegatecall and staticcall return true as their first return value if the account called is non-existent, as pa...
getTickAtSqrtRatio used in TokenisableRange.sol to calculate lower and upper ticks is used without letting for overflow behavior, which is required
Lines of code Vulnerability details Impact The function getTickAtSqrtRatio is used multiple times in the TokenisableRange.sol, but the library TickMath.sol is compiled with pragma solidity ^0.8.4 as you can see here which doesn't allow for overflows, and since the function is not unchecked,...
INCORRECT ACCESS CONTROL
Lines of code https...
Wrong Type for Time Related Variable
Lines of code Vulnerability details Impact uint8, uint16 was used as Type to declare Time Related Variable in the LiquidationPair.sol contract, this totally wrong as except otherwise stated, seconds is the standard time frame in solidity and the number of digits needed will be too large for uint8...
TokenisableRange.sol claimFee function allows more slippage than intended due to incorrect calculation
Lines of code Vulnerability details Impact In TokenisableRange.sol, claimFee collects swap fees generated in uniswap and compound these fees by minting to Uniswap pool. During minting collected fees back in uniswap, slippage protection is conducted by comparing addedValue - a value based on added...