issues
search
sherlock-audit
/
2023-02-openq-judging
4
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Avci - in the DepositManagerOwnable manager address cannot remove if accidently transfered or when losing access will be dangrous
#568
github-actions[bot]
closed
1 year ago
0
Avci - in extendDeposit in Bounty core there is incorrect calc of time
#567
github-actions[bot]
closed
1 year ago
0
Aymen0909 - Risk of reentrancy attack in the `permissionedClaimTieredBounty` function
#566
github-actions[bot]
closed
1 year ago
1
Avci - in BountyCore:refundDeposit there is problem in logic of checking in function that checks wrong.
#565
github-actions[bot]
closed
1 year ago
1
ak1 - `setPayoutScheduleFixed` and `setPayoutSchedule` are not using the correct array length value in the `for` loop
#564
github-actions[bot]
closed
1 year ago
0
Udsen - `safeTransferFrom` IS CALLED IN THE `BountyCore` CONTRACT WITHOUT APPROVAL FROM THE OWNER.
#563
github-actions[bot]
closed
1 year ago
0
0xhacksmithh - Incorrect logics for ```refundDeposit()``` function inside ```DeposiManagerV1.sol``` contract file
#562
github-actions[bot]
closed
1 year ago
0
Avci - contract doesnt support the rebase tokens as technical but they didnt take any stepts to not alowing rebasing tokens
#561
github-actions[bot]
closed
1 year ago
0
Avci - in the AtomicBountyV1.sol: reciveNft there is wrong calculation of time
#560
github-actions[bot]
closed
1 year ago
1
joestakey - percentage tiered bounty issuer can game the payout schedule
#559
github-actions[bot]
closed
1 year ago
0
ck - Array mismatch can happen when setting a new payout schedule
#558
github-actions[bot]
closed
1 year ago
0
Udsen - `address(0)` CHECK IS NOT PERFORMED FOR THE `address` VARIABLES PASSED INTO THE `initiazlize()` FUNCTIONS OF THE IMPLEMENTATION CONTRACTS.
#557
github-actions[bot]
closed
1 year ago
0
Breeje - Any organization can close the `Bounty` before paying out the reward
#556
github-actions[bot]
closed
1 year ago
3
0xmuxyz - A transaction of calling the the DepositManagerV1# `fundBountyNFT()` may be reverted despite the actual number of NFTs deposited (funded) has not reached the `nftDepositLimit` yet.
#555
github-actions[bot]
closed
1 year ago
0
joestakey - refund logic is unfair to funders.
#554
github-actions[bot]
closed
1 year ago
0
sinh3ck - sinh3ck - Closing `TierFixedBounty` May Lock Tokens In Bounty Forever
#553
github-actions[bot]
closed
1 year ago
0
HonorLt - Incorrect new expiration when extending expired deposit
#552
github-actions[bot]
closed
1 year ago
2
Qeew - No input Validation check for _associatedAddress
#551
github-actions[bot]
closed
1 year ago
0
imare - possible grief attack on bounty refund deposit call
#550
github-actions[bot]
closed
1 year ago
0
ak1 - Number of token limit check is not same for ERC20 and ERC721 contracts
#549
github-actions[bot]
closed
1 year ago
4
joestakey - `refundDeposit` has an incorrect `availableFunds` logic, preventing some depositors from getting a refund when they should
#548
github-actions[bot]
closed
1 year ago
0
XKET - `onlyProxy` modifiers are missing in two functions of `OpenQV1`
#547
github-actions[bot]
closed
1 year ago
0
XKET - `ClaimManagerV1.bountyIsClaimable` is wrong for tiered bounties
#546
github-actions[bot]
closed
1 year ago
0
XKET - Refund after close will cause lack of balance for TieredPercentageBounty
#545
github-actions[bot]
closed
1 year ago
0
ck - Blacklisted user may prevent certain bounty claims
#544
github-actions[bot]
closed
1 year ago
4
XKET - `TieredFixedBountyV1.setFundingGoal` changes `payoutTokenAddress`
#543
github-actions[bot]
closed
1 year ago
0
XKET - Some winners of tiered percentage bounty can't claim their payouts
#542
github-actions[bot]
closed
1 year ago
3
XKET - `setPayoutSchedule` will revert for tiered bounties in some condition
#541
github-actions[bot]
closed
1 year ago
0
XKET - An attacker can prevent claimers from claiming
#540
github-actions[bot]
closed
1 year ago
3
XKET - An attacker can prevent claimers from claiming when `openQTokenWhitelist.TOKEN_ADDRESS_LIMIT > 0`
#539
github-actions[bot]
closed
1 year ago
0
XKET - An attacker can prevent claimers from claiming for atomic and tiered percentage bounties
#538
github-actions[bot]
closed
1 year ago
0
sinh3ck - sinh3ck - Closing `OngoingBounty` May Lock Tokens In Bounty Forever
#537
github-actions[bot]
closed
1 year ago
0
joestakey - claimer not supporting ERC-721 tokens can be DOS
#536
github-actions[bot]
closed
1 year ago
2
Udsen - MALICIOUS USER CAN FRONT RUN THE `initialize()` FUNCTION IN THE `OpenQV1` AND BECOME THE OWNER OF THE CONTRACT
#535
github-actions[bot]
closed
1 year ago
0
Jeiwan - Payout schedule cannot be shrunk due to a revert
#534
github-actions[bot]
closed
1 year ago
0
Jeiwan - The NFT deposit limit may be not enough for tiered bounties
#533
github-actions[bot]
closed
1 year ago
0
Jeiwan - Bounty contracts' state can be corrupted as a result of an upgrade
#532
github-actions[bot]
closed
1 year ago
0
Jeiwan - Claiming ongoing bounty can be replayed, causing double-spending of rewards
#531
github-actions[bot]
closed
1 year ago
3
Jeiwan - Non-whitelisted tokens cannot be added if the limit of token addresses is filled with whitelisted ones
#530
github-actions[bot]
opened
1 year ago
3
Jeiwan - Bounty contract funding can be blocked by an attack filling the limit of token addresses
#529
github-actions[bot]
closed
1 year ago
0
Jeiwan - `OpenQV1.solvent` always reverts for tiered bounties
#528
github-actions[bot]
closed
1 year ago
0
Jeiwan - Oracle is not initialized in `OpenQV1`, making the contract partially non-operational
#527
github-actions[bot]
closed
1 year ago
3
Jeiwan - Griefing attack may cause indefinite DoS on refunding
#526
github-actions[bot]
closed
1 year ago
0
Jeiwan - Disproportional distribution of deposited funds causes some depositors to lose funds
#525
github-actions[bot]
closed
1 year ago
1
Jeiwan - Ongoing bounty contract can be used to run scam bounties promising NFT rewards but not paying them
#524
github-actions[bot]
closed
1 year ago
0
joestakey - Attackers can DOS claims of `USDC` blacklisted claimers
#523
github-actions[bot]
closed
1 year ago
0
Jeiwan - Refunded NFT can indefinitely block bounty rewards claiming
#522
github-actions[bot]
closed
1 year ago
4
Jeiwan - Claiming of rewards can be indefinitely blocked by a malicious ERC20 token
#521
github-actions[bot]
closed
1 year ago
0
Jeiwan - Native coin can be lost when deposited together with an ERC20 token
#520
github-actions[bot]
closed
1 year ago
0
Jeiwan - Bounty minter can rugpull contest winners by changing winners and payout amounts after contest results were announced
#519
github-actions[bot]
closed
1 year ago
2
Next