issues
search
code-423n4
/
2024-02-wise-lending-findings
11
stars
8
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Lack of update when modifying pool fee
#160
c4-bot-7
opened
6 months ago
12
Oracle conditions too strict and no fallback price
#159
c4-bot-7
closed
5 months ago
5
Incorrect calculation in liquidation receive amount
#158
c4-bot-7
closed
5 months ago
3
Potential Loss of Arbitrage Rewards Due to Master Account Set to Zero Address in PendlePowerFarmController
#157
c4-bot-10
closed
5 months ago
3
Potential Loss of Tokens Due to Master Account Set to Zero Address in PendlePowerFarmController
#156
c4-bot-9
closed
5 months ago
3
Vulnerability in WiseCore._withdrawOrAllocateSharesLiquidation due to misuse of integer division in the presence of low-decimal tokens.
#155
c4-bot-6
closed
5 months ago
3
Analysis
#154
c4-bot-7
closed
5 months ago
2
Blacklisting a Token Breaks View Functions in WiseSecurityHelper Contract
#153
c4-bot-4
closed
5 months ago
3
Gas Optimizations
#152
c4-bot-8
opened
6 months ago
2
Tokens are not been send it to the user in the aave hub contract.
#151
c4-bot-5
closed
6 months ago
1
Analysis
#150
c4-bot-8
closed
5 months ago
3
Analysis
#149
c4-bot-1
closed
5 months ago
2
Positions in the aave hub can be unbacked if user withdraw directly on the wise lending.
#148
c4-bot-6
closed
6 months ago
1
Analysis
#147
c4-bot-5
closed
5 months ago
3
Potential Loss of Funds Due to Zero Address as Master in WiseLending Contract
#146
c4-bot-10
closed
5 months ago
3
Analysis
#145
c4-bot-5
opened
6 months ago
4
Users can front-run liquidation and avoid get liquidate.
#144
c4-bot-3
closed
5 months ago
3
`UNISWAP_V3_FEE` is hardcoded which will lead to significant losses compared to optimal routing
#143
c4-bot-4
closed
5 months ago
3
No check on return value for ' _callOptionalReturn'
#142
c4-bot-9
closed
5 months ago
4
Incorrect `NORMALISATION_FACTOR` constant in `WiseLendingDeclaration.sol`
#141
c4-bot-1
closed
5 months ago
6
QA Report
#140
c4-bot-5
closed
5 months ago
2
Inverted Logic in Chainlink Sequencer Operational Status Check
#139
c4-bot-9
closed
5 months ago
3
no check for return value of 'transfer'
#138
c4-bot-9
closed
5 months ago
3
Infinite loop in 'setAaveFlagBulk'
#137
c4-bot-6
closed
5 months ago
4
Analysis
#136
c4-bot-10
opened
6 months ago
3
Compounded rewards get erased when `PendleMarket.userReward[]` changes
#135
c4-bot-3
closed
5 months ago
6
Index Out-of-Bounds in exchangeRewardsForCompoundingWithIncentive
#134
c4-bot-9
closed
5 months ago
3
`PendlePowerManager` is incompatible with `PendleRouterV3`
#133
c4-bot-9
opened
6 months ago
14
Analysis
#132
c4-bot-1
opened
6 months ago
2
QA Report
#131
c4-bot-10
closed
5 months ago
3
Lack of slippage control in `PendlePowerFarmToken` and wrong projection of share prices due to missing sync in `preview` functions
#130
c4-bot-3
closed
5 months ago
9
`PendlePowerFarmLeverageLogic` does not validate if `ENTRY_ASSET != WETH_ADDRESS ` before performing swap
#129
c4-bot-10
closed
5 months ago
5
`PendlePowerFarmLeverageLogic` uses hard-coded fee tier of 0.01% for Uniswap V3 calls
#128
c4-bot-5
closed
5 months ago
3
Analysis
#127
c4-bot-2
closed
5 months ago
3
Usage of deprecated `minAnswer()` and `maxAnswer()` Chainlink Aggregator functions
#126
c4-bot-7
closed
5 months ago
4
Malicious actor can inflate share price and DOS power farm immediately after deployment
#125
c4-bot-5
closed
5 months ago
13
Pendle Aura Balancer market can permanently DOS `PendlePowerFarmToken` when new reward assets get added
#124
c4-bot-4
closed
5 months ago
5
`PendlePowerFarmToken:: totalLpAssetsToDistribute` may lead to temporary DOS due to price growth check being skipped during deposit
#123
c4-bot-7
opened
6 months ago
12
Inaccurate LP Token Valuation
#122
c4-bot-3
closed
5 months ago
6
Analysis
#121
c4-bot-2
opened
6 months ago
3
It is impossible to repay all debt.
#120
c4-bot-5
closed
5 months ago
4
Potential Risks of Permission Expansion Due to isOwner Function Equivalence
#119
c4-bot-6
closed
5 months ago
4
Broken use of WSTETH in Ethereum mainnet due to incompatible Oracle.
#118
c4-bot-5
closed
5 months ago
6
Analysis
#117
c4-bot-4
closed
5 months ago
2
Incorrect calculation of lending shares in `_withdrawOrAllocateSharesLiquidation` can lead to revert and failure to liquidate
#116
c4-bot-3
opened
6 months ago
6
Front-Running Risk in `enterFarm` and `enterFarmETH` Functions
#115
c4-bot-5
closed
5 months ago
5
Rapid Growth of _keyId Potentially Leads to DoS Risks
#114
c4-bot-6
closed
5 months ago
3
Lack of Reentracy Guard in `_safeTransfer`, `safeTransferFrom`, and `safeApprove` with Low-level Call
#113
c4-bot-3
closed
5 months ago
4
Unchecked Return Value of _callOptionalReturn in `ApprovalHelper.sol` and `TransferHelper.sol`
#112
c4-bot-7
closed
5 months ago
7
Uncleared `proposedMaster` Address After Ownership Claim in `OwnableMaster` Contract
#111
c4-bot-4
closed
6 months ago
1
Previous
Next