Lucene search
+L

6 matches found

Code423n4
Code423n4
added 2023/12/08 12:0 a.m.17 views

Issue with Decimal Conversion in Shell Protocol

Lines of code Vulnerability details Impact The identified issue within the convertDecimals function in the Shell Protocol could lead to a loss of value due to decimal truncation during token conversions. This situation is particularly critical in the context of Shell Protocol's operations, which...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.11 views

Swap functionality to sell rewards is too permissive and could cause accidental or intentional loss of value

Lines of code Vulnerability details Summary While the intention is to use the 0x protocol to sell rewards, the implementation doesn't provide any basic guarantee this will correctly happen and grants the rewarder arbitrary control over the tokens held by the strategy. Impact Rewards earned in the...

7.6AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.9 views

Admin can set very low or very high value for setting fees & collateral factor in Market.sol resulting in value loss and/or DoS

Lines of code Vulnerability details Proof of Concept The contract’s admin has control to set values in setCollateralFactorBps, setLiquidationFactorBps, setReplenismentIncentiveBps, setLiquidationIncentiveBps, setLiquidationFeeBps. All of them have upper bounds, most of them have lower bounds, but...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.8 views

The vulnerability of the `fuse_lib_readdir` function in the `libfuse-lite` library of the NTFS file system, which allows a attacker to execute arbitrary code with elevated privileges on the FUSE NTFS-3G module.

The vulnerability of the fuselibreaddir function in the libfuse-lite library of the NTFS file system for the FUSE NTFS-3G module is related to a numerical value loss of significance. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using a...

7.4CVSS7.4AI score0.00417EPSS
Exploits0References20Affected Software7
Code423n4
Code423n4
added 2022/01/27 12:0 a.m.15 views

Users can lose value in emergency state

Handle cmichel Vulnerability details Imagine the following sequence of events: LaunchEvent.createPair is called which sets wavaxReserve = 0, adds liquidity to the pair and receives lpSupply LP tokens. LaunchEvent.allowEmergencyWithdraw is called which enters emergency / paused mode and disallows...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/08/13 12:0 a.m.9 views

ERC20Rewards breaks when setting a different token

Handle cmichel Vulnerability details The setRewards function allows setting a different token. Holders of a previous reward period cannot all be paid out and will receive their old reward amount in the new token. This leads to issues when the new token is more less valuable, or uses different...

7AI score
Exploits0
Rows per page
Query Builder