Lucene search
K

45 matches found

RustSec
RustSec
added 2024/04/24 12:0 p.m.5 views

Arithmetic overflows in cosmwasm-std

Some mathematical operations in cosmwasm-std use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations. Affected functions: - Uint256,512::pow / Int256,512::pow - Int256,512::neg Affected if overflow-checks ...

5.3CVSS7.3AI score0.00418EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/03/05 2:39 p.m.1 views

GHSA-3QWC-47JF-5RF7 eth-abi is vulnerable to recursive DoS

This is related to recent ZST stuff https://github.com/ethereum/eth-abi/security/advisories/GHSA-rqr8-pxh7-cq3g, but it's a different one. Basically a recursive pointer issue py from ethabi import decode payload =...

5.9AI score
Exploits0References3
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.14 views

Use SafeMath for overflow protection

Lines of code Vulnerability details Unchecked math could potentially trigger overflows. Recommendation: Utilize SafeMath library for overflow safe operations. using SafeMath for uint256; function mintaddress account, uint256 amount public onlyOwner // Overflow protected totalSupply =...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.9 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.16 views

Potential Gas Inefficiency due to Unnecessary abi.encode Usage

Lines of code Vulnerability details Impact The function unnecessarily uses abi.encode to convert a uint256 to bytes32, incurring additional gas costs. This doesn't affect correctness but may lead to suboptimal gas usage. Proof of Concept By modifying the fetchInteractionId function to directly ca...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.5 views

at _modifyCollateralBalance when locking and generating debt your wad is going to be negative number but at the token Collateral mapping should not have any negative numbers

Lines of code Vulnerability details Impact the protocol will not work, all functions will not work Proof of Concept you cannot set negative number to uint256 Tools Used manual Recommended Mitigation Steps change the mapping to : mappingbytes32 cType = mappingaddress safe = int256 wad public...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.4 views

ERC20ProxyDelegator contract will always lead to zero approval

Lines of code Vulnerability details Impact In constructor of ERC20ProxyDelegator contract token.approve have typeuint256.max. This leads to approval remain zero as nothing will happens due to wrong value provided. The main reason is due to the max approval attainable is typeuint256.max – 1. This...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.11 views

functions in FixedMath.sol directly converting uint256 arguments to int256 which may overflow

Lines of code Vulnerability details Impact functions in FixedMath.sol directly converting uint256 arguments to int256 which may overflow or return unexpected values Proof of Concept functions in FixedMath.sol like uintDiv , uintMul , toFixed directly converting its arguments from uint256 to int25...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/07/07 12:0 a.m.11 views

uint128 changeAmount might overflow

Lines of code Vulnerability details Impact This issue is an edge case, that uint128 changeAmount could overflow, making the protocol fail for certain amount of swap. Proof of Concept Let's break down the changeAmount: 1. amountOut/amountIn 2. BASE27 3. normalizer File:...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.14 views

getPORFeedData() doesn't validate price feed answers (totalETHBalanceInInt and totalETHXSupplyInInt) before casting to uint256

Lines of code Vulnerability details Impact If a negative value is returned 0 from chainlink oracle and the value is cast to type uint256, the resulting value will be the unsigned representation of that value which will be an inaccurate price. Also, cases where sdprice can't be less than 0 will...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/05/22 12:0 a.m.11 views

Invalid conversion uint256 -> int256

Lines of code Vulnerability details Impact Invalid conversion uint256 - int256 in pool.swap.... The number may be incorrectly converted uint256 data.amount.value - int256 amountSpecified. As a result, number truncation may occur. Proof of Concept typeuint256.max =...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.15 views

Integer Overflow in executeExtraordinary Function.

Lines of code Vulnerability details Impact The executeExtraordinary function casts a uint128 value to a uint256 value, which could lead to an integer overflow vulnerability. An attacker can provide a large uint128 value that exceeds the maximum value for uint256, causing the value to overflow and...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.11 views

Integer Overflow/Underflow in function fundTreasury.

Lines of code Vulnerability details Impact fundTreasury function in the GrantFund.sol contract is vulnerable to integer overflow if the value of treasury variable is close to the maximum value of a uint256 integer, which is 2^256-1, and a large value of fundingAmount is added to it. It is possibl...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/04 12:0 a.m.8 views

Upgraded Q -> 3 from #306 [1683219251927]

Judge has assessed an item in Issue 306 as 3 risk. The relevant finding follows: L-01 Consider using OpenZeppelin’s SafeCast library to prevent unexpected overflows when casting from uint256 In the function buy and sell of the contract PrivatePool.sol the function first set the variables...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/05/04 12:0 a.m.7 views

Upgraded Q -> 3 from #826 [1683219178977]

Judge has assessed an item in Issue 826 as 3 risk. The relevant finding follows: 12. Consider using OpenZeppelin’s SafeCast library to prevent unexpected overflows when casting from uint256. PrivatePool.solL2 File: src/PrivatePool.sol 231: virtualNftReserves -= uint128weightSum;...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/30 12:0 a.m.15 views

poolPrice in Reth.sol can overflow and revert

Lines of code Vulnerability details Impact To determine the value of sqrtPriceX96 that will cause an overflow, we need to analyze the calculation in the function: sqrtPriceX96 uintsqrtPriceX96 1e18 96 2 The maximum value for a uint256 is 2^256 - 1. An overflow occurs when the result of the...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/19 12:0 a.m.17 views

Unsafe cast

Lines of code Vulnerability details Impact In AccountCodeStorage.sol we have function getCodeHash and getCodeSize Due to an insecure cast, it is possible to get an integer overflow. Solidity version 0.8.0 provide SafeMath, but casting operations are not safe and can overflow. Proof of Concept As...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/19 12:0 a.m.14 views

The "totalRequiredBalance()" function in the TransactionHelper.sol library can compute address(uint160(_transaction.paymaster) as zero address even when _transaction.paymaster is non-zero

Lines of code Vulnerability details Impact A user may provide a non-zero entry for the "transaction.paymaster" field for a transaction to ensure they do not have to pay the gas fees. However, certain values of "transaction.paymaster" = 2^160 can result in addressuint160transaction.paymaster to be...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/19 12:0 a.m.9 views

No check for checking the "to" address to not be zero address in _execute() function of DefaultAccount.sol

Lines of code Vulnerability details Impact The "to" address can be zero address while converting from uint256 to uint160. Proof of Concept // SPDX-License-Identifier: GPL-3.0 pragma solidity ^0.8.0; contract Test uint256 public to = 2160; function check external view assertaddressuint160to ==...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.6 views

Unsafe downcasting operation truncate numberOfTickets input

Lines of code Vulnerability details Impact Unsafe downcasting operation truncate numberOfTickets input . Player and Referrer may lose their earning because of the wrong downcasting Proof of Concept There are a few unsafe downcasting operation that truncate numberOfTickets input. The impact can be...

6.8AI score
Exploits0
Rows per page
Query Builder