-
WATCHPUG
high
# Bull can prevent `settleContract()`
## Summary
The bull can intentionally cause out-of-gas and revert the transaction and prevent `settleContract()`.
## Vulnerability Detail
As `…
-
# Lines of code
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/Vault.sol#L294-L301
# Vulnerability details
## Impact
The first depositor can …
-
# Handle
cmichel
# Vulnerability details
The `Vault.withdrawRedundant` has wrong logic that allows the admins to steal the underlying vault token.
```solidity
function withdrawRedundant(address _…
-
panprog
medium
# Transferring ERC20 Vault tokens to another address and then withdrawing from the vault breaks `totalDeposit` accounting which is tied to deposit addresses
## Summary
Vault inherit…
-
# Lines of code
https://github.com/code-423n4/2022-02-foundation/blob/main/contracts/mixins/NFTMarketCore.sol#L77-L87
# Vulnerability details
## Impact
If a NFT happens to be in escrow with ne…
-
# Lines of code
https://github.com/code-423n4/2024-06-vultisig/blob/main/src/ILOManager.sol#L190
https://github.com/code-423n4/2024-06-vultisig/blob/main/src/ILOPool.sol#L296
# Vulnerability detail…
-
# Handle
jonah1005
# Vulnerability details
## Impact
Synth `realise` function calculates `baseValueLP` and `baseValueSynth` base on AMM spot price which is vulnerable to flash loan attack. Synth's…
-
# Lines of code
https://github.com/code-423n4/2022-06-connext/blob/4dd6149748b635f95460d4c3924c7e3fb6716967/contracts/contracts/core/connext/facets/BridgeFacet.sol#L636
# Vulnerability details
## …
-
# Lines of code
https://github.com/code-423n4/2024-01-salty/blob/53516c2cdfdfacb662cdea6417c52f23c94d5b5b/src/price_feed/CoreSaltyFeed.sol#L32-L53
# Vulnerability details
## Summary
When the price…
-
# Lines of code
https://github.com/code-423n4/2024-01-curves/blob/main/contracts/Curves.sol#L328-L336
https://github.com/code-423n4/2024-01-curves/blob/main/contracts/Curves.sol#L276-L279
# Vulnera…