issues
search
sherlock-audit
/
2022-09-knox-judging
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Wrongly duplicated
#154
Evert0x
opened
1 year ago
0
ArbitraryExecution - Auction can be ended with large limit order
#153
sherlock-admin
opened
1 year ago
2
ArbitraryExecution - Stale data in Oracle data feed
#152
sherlock-admin
closed
1 year ago
0
ArbitraryExecution - getPositivePlaceValues(int128) can revert with a small argument
#151
sherlock-admin
closed
1 year ago
1
vlad - Passing the diamond facet address control
#150
sherlock-admin
closed
1 year ago
0
ak1 - PricerInternal.sol#L49 : The price data returned from `_latestAnswer64x64` may not be a updated one (may not be a latest data)
#149
sherlock-admin
closed
1 year ago
0
ak1 - PricerInternal.sol#L62 : The function could revert when subtracting the uint256 number from unint64
#148
sherlock-admin
closed
1 year ago
0
hansfriese - `VaultAdmin.initializeEpoch()` might revert with some weird ERC20 tokens.
#147
sherlock-admin
closed
1 year ago
1
hansfriese - `ERC20.approve()` is missing the return value check.
#146
sherlock-admin
closed
1 year ago
0
hansfriese - Chainlink's latestRoundData might return stale or incorrect results.
#145
sherlock-admin
closed
1 year ago
0
hansfriese - `OrderBook._remove()` doesn't update `index.length` properly.
#144
sherlock-admin
closed
1 year ago
1
hansfriese - `Auction.getEpochsByBuyer()` might omit some valid epochs.
#143
sherlock-admin
closed
1 year ago
0
hansfriese - Inconsistent condition to finalize the auction.
#142
sherlock-admin
closed
1 year ago
0
hansfriese - `AuctionInternal._previewWithdraw()` might return the wrong result after some orders are removed during the withdrawal.
#141
sherlock-admin
closed
1 year ago
0
hansfriese - In `Auction.sol`, users might fail to withdraw the funds from the processed auction because of the uint underflow.
#140
sherlock-admin
closed
1 year ago
0
ak1 - VaultInternal.sol : The function "_withdraw" is not following the standard ERC4626 vault standard while withdrawing the shares
#139
sherlock-admin
closed
1 year ago
0
berndartmueller - The owner of the `VaultAdmin` contract can grief with high performance and withdrawal fees
#138
sherlock-admin
closed
1 year ago
0
berndartmueller - Chainlink's `latestRoundData` might return stale or incorrect results
#137
sherlock-admin
opened
1 year ago
2
berndartmueller - Certain ERC-20 tokens will break auction processing
#136
sherlock-admin
closed
1 year ago
1
berndartmueller - Epoch timeline is not strictly enforced on-chain
#135
sherlock-admin
closed
1 year ago
0
berndartmueller - Vault does not fully conform to `EIP4626`
#134
sherlock-admin
closed
1 year ago
0
berndartmueller - Withdrawal fee receiver can DoS withdrawals
#133
sherlock-admin
closed
1 year ago
1
GalloDaSballo - M-03 ERC4626 Vault is vulnerable to dust front-run grief
#132
sherlock-admin
closed
1 year ago
0
GalloDaSballo - H-01 First Call per `_getCurrentTokenId` to Process Deposits can get rekt via front-run
#131
sherlock-admin
closed
1 year ago
1
GalloDaSballo - M-05 Not using safeTransfer may prevent certain tokens from working
#130
sherlock-admin
closed
1 year ago
0
GalloDaSballo - M-04 Unchecked Approve / Should use safeApprove
#129
sherlock-admin
closed
1 year ago
0
GalloDaSballo - M-02 The Keeper can Process Deposits while the Vault is Paused
#128
sherlock-admin
closed
1 year ago
0
GalloDaSballo - M-01 Feed latest answer not validated (may be old, may be down)
#127
sherlock-admin
closed
1 year ago
0
__141345__ - Decimal conversion in OptionMath.sol
#126
sherlock-admin
closed
1 year ago
0
ignacio - _SAFEMINT() SHOULD BE USED RATHER THAN _MINT() WHEREVER POSSIBLE
#125
sherlock-admin
closed
1 year ago
0
minhquanym - Incompatability with deflationary / fee-on-transfer tokens
#124
sherlock-admin
closed
1 year ago
0
dipp - Auction could sell more contracts than auction.totalContracts
#123
sherlock-admin
closed
1 year ago
0
minhquanym - Exploiter can deposit to Queue reaching maxTVL to block other from depositing without any risk
#122
sherlock-admin
closed
1 year ago
0
peanuts - Never use .transfer(). Use call instead.
#121
sherlock-admin
closed
1 year ago
0
__141345__ - getDeltaStrikePrice64x64() need sanity check
#120
sherlock-admin
closed
1 year ago
0
ignacio - <ARRAY>.LENGTH SHOULD NOT BE LOOKED UP IN EVERY LOOP OF A FOR-LOOP and Increments can be unchecked for Gas Optimizations
#119
sherlock-admin
closed
1 year ago
0
minhquanym - Oracle data feed is insufficiently validated.
#118
sherlock-admin
closed
1 year ago
0
ignacio - A miner can manipulate the block timestamp which can be used to their advantage to attack a smart contract via Block Timestamp Manipulation
#117
sherlock-admin
closed
1 year ago
0
cccz - Not compatible with Rebasing/Deflationary/Inflationary tokens
#116
sherlock-admin
closed
1 year ago
0
cccz - A malicious keeper can manipulate the LToken's pricePerShare to take an unfair share of future users' deposits
#115
sherlock-admin
closed
1 year ago
4
cccz - Manipulations of withdrawalFee64x64/performanceFee64x64
#114
sherlock-admin
closed
1 year ago
0
cccz - Chainlink's latestRoundData might return stale or incorrect results
#113
sherlock-admin
closed
1 year ago
0
cccz - AuctionInternal: Loop in _processOrders may cause system to get stuck
#112
sherlock-admin
closed
1 year ago
0
bin2chen - initializeEpoch() need to prevent repeated call in the same epoch
#111
sherlock-admin
closed
1 year ago
0
bin2chen - initializeAuction() need to prevent repeated call in the same epoch
#110
sherlock-admin
closed
1 year ago
0
cccz - VaultAdmin#processAuction: Must approve 0 first
#109
sherlock-admin
closed
1 year ago
0
bin2chen - setAuction() does not check that current auction is in progress
#108
sherlock-admin
closed
1 year ago
0
bin2chen - epochsByBuyer() count error
#107
sherlock-admin
closed
1 year ago
0
dipp - Underflow in ```_previewWithdraw``` could prevent withdrawals
#106
sherlock-admin
opened
1 year ago
2
caventa - Allowing native coin to be deposited results in native coin being stuck in the contract forever.
#105
sherlock-admin
closed
1 year ago
0
Next