Lucene search
+L

21 matches found

Packet Storm News
Packet Storm News
added 2025/05/25 12:0 a.m.6 views

A Quantitative Notion of Economic Security for Smart Contract Compositions

Decentralized applications are often composed of multiple interconnected smart contracts. This is especially evident in DeFi, where protocols are heavily intertwined and rely on a variety of basic building blocks such as tokens, decentralized exchanges and lending protocols. A crucial security...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/12/20 12:0 a.m.6 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/20 12:0 a.m.13 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/20 12:0 a.m.12 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.15 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.20 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.11 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.10 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/29 12:0 a.m.8 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details Impact getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/22 12:0 a.m.12 views

H-09 Unmitigated

Lines of code Vulnerability details Issue not mitigated About the problem In the report i have described some vaults that will not work in the designed system. Example of such vault will be any vault that has withdraw limit. In this case yieldVault.maxWithdraw call will not return actual amount o...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.12 views

The _currentExchangeRate of the Vault contract can't increase, and always be lower than or equal to _assetUnit

Lines of code Vulnerability details Impact The currentExchangeRate of the Vault contract can not increase, and always be lower than or equal to assetUnit. Therefore, when the vault is undercollateralized currentExchangeRate assetUnit, it can't be further collateralized. Proof of concept function...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/04/19 12:0 a.m.8 views

Challenger incentives can be inflated with external transfers

Lines of code Vulnerability details Impact The function notifyChallengeSucceeded calculates the volume of ZCHF to be repaid, which is then used to calculate the reward for the challenger. The challenger can however artificially inflate this value. A challenger can start a challenge on an...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/11/18 12:0 a.m.356 views

dETH are branded as slash proof, but ETH2 slashing could make 32 deposit drop much below 24 (down to 0), making dETH undercollateralized

Lines of code Vulnerability details Description dETH is advertised as fault proof , slash proof ETH However, ETH2 staked deposit can be slashed from 32 down to 0, not just to 24 as would be expected24 dETH printed. This means dETH is undercollateralized, and indeeds bears the risk of being "paper...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/07/17 12:0 a.m.13 views

There is no boundaries for starting an auction.

Lines of code Vulnerability details Impact The team has brought this contest to be fairer to their users in terms of liquidation mechanism. Looking through this perspective, it can be developed more on the process to be much fairer to the users in volatile market conditions. Proof of Concept The...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/05 12:0 a.m.19 views

MATIC/AVAX and AVAX/MATIC pools

Handle 0x0x0x Vulnerability details The MATIC/AVAX and AVAX/MATIC pools are close to being undercollateralized. Don't fall for the high APR Psyops, always check the collateralization before lending into a pool, otherwise borrowers will default and you will loose your asset --- The text was update...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.6 views

Miscalculation of _supplyCreditUni allows undercollateralized loan

Handle WatchPug Vulnerability details In supplyCreditUni, the calculation of the collateral value of tokenB supply is using priceB instead of priceA, which can lead to undercollateralized loans. function supplyCreditUni address account, address returnToken, uint priceA, uint priceB, uint...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.6 views

Liquidation can be escaped by depositing a Uni v3 position with 0 liquidity

Handle WatchPug Vulnerability details When the liquidator is trying to liquidate a undercolldarezed loan by calling liquidateAccount, it calls unwrapUniPosition - uniV3Helper.removeLiquidity - positionManager.decreaseLiquidity. However, when the Uni v3 position has 0 liquidity,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/06/01 12:0 a.m.7 views

Undercollateralized vaults' owner can be overwritten

Handle cmichel Vulnerability details The witch can Witch.grab vaults and the vaultOwnersvaultId field is set to the original owner. However, when the auction time is over and the debt has not been fully paid back, the original owner is not restored, and the witch can grab the same vault again,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/05/04 12:0 a.m.6 views

UniswapConfig getters return wrong token config if token config does not exist

Handle @cmichelio Vulnerability details Vulnerability Details The UniswapConfig.getTokenConfigBySymbolHash function does not work as getSymbolHashIndex returns 0 if there is no config token for that symbol uninitialized map value, but the outer function implements the non-existence check with -1...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/04/07 12:0 a.m.11 views

Users Can Drain Funds From MarginSwap By Making Undercollateralized Borrows If The Price Of A Token Has Moved More Than 10% Since The Last MarginSwap Borrow/Liquidation Involving Accounts Holding That Token.

Handle jvaqa Vulnerability details Users Can Drain Funds From MarginSwap By Making Undercollateralized Borrows If The Price Of A Token Has Moved More Than 10% Since The Last MarginSwap Borrow/Liquidation Involving Accounts Holding That Token. Impact MarginSwap's internal price oracle is only...

6.6AI score
Exploits0
Rows per page
Query Builder