6 matches found
burn() and borrow() in LendingPool are very likely to revert due to insufficient cash and could be triggered maliciously
Lines of code Vulnerability details Impact Users might not always be able to burn or borrow due to being frontrunned by other borrow or burn calls, potentially in a malicious manner so funds don't leave the LendingPool. Proof of Concept This attack could happen frequently because the health of a...
Risk of silent overflow in rngComplete rewards cast
Lines of code Vulnerability details Impact The rngComplete function uses the rewards function from the RewardLib library to calculates the rewards that should be given, the rewards returned by the rewards function are of type uint256 but before proceeding to the reward transfer the call to...
[ H ] Infinite loop in calculateNewIndex prevents tokens from being minted and rewards from being distributed
Lines of code Vulnerability details Impact Recursive calls from calculateNewIndex in MultiRewardDistributor will result in an infinite loop and out of gas errors, preventing tokens from being minted and rewards being sent to some users as disburseSupplierRewardsInternal will not be called. Proof ...
Collateralization ratio manipulation can cause a denial of service
Lines of code Vulnerability details Impact Stablecoin redeeming and profit accruing in the SavingsVest contract can be blocked when the collateralization ratio has overflown. Proof of Concept The mitigation recommended in 31 and implemented by the sponsor in this commit doesn't resolve the root...
Comparing Ether values using equality operators (== or !=) can be very hard to match each other . This will always reverts
Lines of code Vulnerability details Impact Comparing Ether values using equality operators can be very hard to match each other because Ether values are stored in a 256-bit unsigned integer uint256 in Solidity. This means that there are a very large number of possible Ether values, and it is very...
Unsafe cast in swap and uniswapV3SwapCallback functions can lead to attack
Lines of code Vulnerability details Impact The swap and uniswapV3SwapCallback functions performs an unsafe cast of a uint256 type to a signed integer. amountReceived = uint256-projectTokenIsZero ? amount0 : amount1; Note that amount is chosen by the caller and when choosing amount = 2256 - 1, thi...