-
0xepley
medium
# `createMarket` function can be Dos
## Summary
The `createMarket` function in the `Factory` contract is vulnerable to frontrunning. A frontrunner can deploy their own market before A…
-
santiellena
high
# Incorrect check of locked liquidity on `GoatV1Pair::_beforeTokenTransfer` lets bots snipe LP fees
## Summary
A malicious user could sandwich swaps and steal LPs fees becau…
-
exolorkistis
high
# Possible loss of funds due to access control
## Summary
By frontrunning the function claimRewards it is possible for the rewards to be stolen
## Vulnerability Detail
In the sm…
-
# Lines of code
https://github.com/Tapioca-DAO/tapioca-periph-audit/blob/023751a4e987cf7c203ab25d3abba58f7344f213/contracts/TapiocaDeployer/TapiocaDeployer.sol#L22-L50
# Vulnerability details
## I…
-
# Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/perp-vault/PerpetualAtlanticVault.sol#L181
# Vulnerability details
# Issue
The PerpetualAtlanticVault::setAddress()…
-
# Lines of code
https://github.com/code-423n4/2023-10-wildcat/blob/c5df665f0bc2ca5df6f06938d66494b11e7bdada/src/market/WildcatMarketToken.sol#L31-L34
https://github.com/code-423n4/2023-10-wildcat/blo…
-
# Lines of code
https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a71ebd9ae76384f837204216f26380c9f91/src/LiquidityPool.sol#L324
https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a7…
-
Bandit
high
# Lack of Slippage Control For Liquidity Functions
## Summary
There is no slippage controls for depositing and withdrwaing uniswap liquidity
## Vulnerability Detail
There i…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L119-L144
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTOracle.sol#L52
# Vulnerability deta…
-
jovi
high
# Vulnerability in refundEth and unwrapWeth Functions
## Summary
The refundEth and unwrapWeth functions, inherited from RouterTokenHelper and present in the BasePositionManager and Liquidi…