issues
search
sherlock-audit
/
2024-06-makerdao-endgame-judging
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
J4de - Insufficient liquidity in the uniswap pool may result in the inability to distribute farm rewards
#32
sherlock-admin3
closed
1 month ago
1
J4de - After the stop level of `LockstakeClipper` is reduced from `3`, users can buy collateral at extremely low prices
#31
sherlock-admin2
closed
1 month ago
1
J4de - `LockstakeEngine` operators can call `hope` infinitely to prevent themselves from being `nope`
#30
sherlock-admin4
closed
1 month ago
1
zraxx - The function `redo` can be used to steal all funds in `vat`.
#29
sherlock-admin3
closed
1 month ago
1
Squilliam - Critical Precision Mismatch in LockstakeClipper Causes Extreme Incentive Miscalculations, Risking Protocol Solvency Through Both Massive Overpayments and Severe Underpayments
#28
sherlock-admin2
closed
1 month ago
1
zraxx - The function `drip` will revert when diff is 0, which leads to the DOS of key functionalities.
#27
sherlock-admin4
closed
1 month ago
1
Bauer - The protocol lacks slippage protection when executing the `exec()` function
#26
sherlock-admin3
closed
1 month ago
1
Bauer - The protocol lacks slippage protection when removing liquidity
#25
sherlock-admin2
closed
1 month ago
1
kevinkien - Owner possible to set `Owner` and `Authority` to the zero address.
#24
sherlock-admin4
closed
1 month ago
1
kevinkien - Reentrancy Vulnerability in `exec` Function
#23
sherlock-admin3
closed
1 month ago
1
kevinkien - Improper Input Validation in the exec Function
#22
sherlock-admin2
closed
1 month ago
1
brgltd - Permit functionality breaking on token name update leading to potential loss of funds
#21
sherlock-admin4
closed
1 month ago
1
Topmark - Fund Loss due to OverInflation of Burn Value in LockStateEngine Contract
#20
sherlock-admin3
closed
1 month ago
1
0xaliyah - h-04 `VoteDelegate` Contract Governance roles 0xaliyah
#19
sherlock-admin2
closed
1 month ago
2
ctf_sec - Funds transferred to an Vote Delegate Pool can be drained by an attacker via a hash collision.
#18
sherlock-admin4
closed
1 month ago
0
NoOne - Call to non-existing contracts returns success
#17
sherlock-admin3
closed
1 month ago
1
0xaliyah - h-03 reentrant with stolen of funds 0xaliyah
#16
sherlock-admin2
closed
1 month ago
3
0xaliyah - h-02 from address identical with to address with stolen of funds 0xaliyah
#15
sherlock-admin4
closed
1 month ago
2
0xaliyah - h-01 reentrant with stolen of funds 0xaliyah
#14
sherlock-admin3
closed
1 month ago
5
EFCCWEB3 - Unauthorized Burning of MRT tokens can lead loss of funds of a user and totalsupply
#13
sherlock-admin2
closed
1 month ago
1
0x73696d616f - MEV bots or regular users will frontrun the `univ2-pool-migrator` script and cause loss of funds for Maker
#12
sherlock-admin4
closed
1 month ago
1
EFCCWEB3 - Incorrect way of checking for overflow opened totalsupply to overflow breaking the invariant
#11
sherlock-admin3
closed
1 month ago
1
chaduke - LockstakeClipper.take() might use an actual auction price that is greater than ```max```, as a result, the slippage control fails and the taker pays more than he expects - loss of funds.
#10
sherlock-admin2
closed
1 month ago
1
chaduke - FlapperUniV2.exec() might use stale reserve data to perform the swap, as a result, it is subject to reserve manipulation exploit.
#9
sherlock-admin4
closed
1 month ago
1
chaduke - Signature malleability problem, possibly leading to double allowance and spending.
#8
sherlock-admin3
closed
1 month ago
1
chaduke - Loss of rewards due to frequent call of modifier ```updateReward()```.
#7
sherlock-admin2
closed
1 month ago
1
0x73696d616f - Attackers will steal Maker and its users by opening dust urns and instantly liquidating, stealing up to infinite funds
#6
sherlock-admin4
closed
1 month ago
1
tsueti_ - UUPSUpgradeable vulnerability in OpenZeppelin Contracts
#5
sherlock-admin3
closed
1 month ago
1
EFCCWEB3 - Unrestricted Recovery of Rewards Tokens in Staking Contract
#4
sherlock-admin2
closed
1 month ago
1
EFCCWEB3 - Loss of rewards when distribution occurs caused by # notifyRewardAmount
#3
sherlock-admin4
closed
1 month ago
1
EFCCWEB3 - PrecisionLoss in NotifyRewardAmount
#2
sherlock-admin3
closed
1 month ago
1
0x73696d616f - Calling `SNStInit` just 1 block after `SNstDeploy` will always revert and deposits will be stuck getting no yield
#1
sherlock-admin2
closed
1 month ago
10
Previous