Lucene search
K

6 matches found

Code423n4
Code423n4
added 2023/12/21 12:0 a.m.15 views

burn() and borrow() in LendingPool are very likely to revert due to insufficient cash and could be triggered maliciously

Lines of code Vulnerability details Impact Users might not always be able to burn or borrow due to being frontrunned by other borrow or burn calls, potentially in a malicious manner so funds don't leave the LendingPool. Proof of Concept This attack could happen frequently because the health of a...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.7 views

Risk of silent overflow in rngComplete rewards cast

Lines of code Vulnerability details Impact The rngComplete function uses the rewards function from the RewardLib library to calculates the rewards that should be given, the rewards returned by the rewards function are of type uint256 but before proceeding to the reward transfer the call to...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.10 views

[ H ] Infinite loop in calculateNewIndex prevents tokens from being minted and rewards from being distributed

Lines of code Vulnerability details Impact Recursive calls from calculateNewIndex in MultiRewardDistributor will result in an infinite loop and out of gas errors, preventing tokens from being minted and rewards being sent to some users as disburseSupplierRewardsInternal will not be called. Proof ...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/07/21 12:0 a.m.12 views

Collateralization ratio manipulation can cause a denial of service

Lines of code Vulnerability details Impact Stablecoin redeeming and profit accruing in the SavingsVest contract can be blocked when the collateralization ratio has overflown. Proof of Concept The mitigation recommended in 31 and implemented by the sponsor in this commit doesn't resolve the root...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/14 12:0 a.m.8 views

Comparing Ether values using equality operators (== or !=) can be very hard to match each other . This will always reverts

Lines of code Vulnerability details Impact Comparing Ether values using equality operators can be very hard to match each other because Ether values are stored in a 256-bit unsigned integer uint256 in Solidity. This means that there are a very large number of possible Ether values, and it is very...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/05/21 12:0 a.m.8 views

Unsafe cast in swap and uniswapV3SwapCallback functions can lead to attack

Lines of code Vulnerability details Impact The swap and uniswapV3SwapCallback functions performs an unsafe cast of a uint256 type to a signed integer. amountReceived = uint256-projectTokenIsZero ? amount0 : amount1; Note that amount is chosen by the caller and when choosing amount = 2256 - 1, thi...

6.7AI score
Exploits0
Rows per page
Query Builder