sherlock-audit 2024-06-new-scope-judging issues

sherlock-audit / 2024-06-new-scope-judging

1 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Happy Corduroy Dalmatian - Missing Bounds Check in updateWithdrawQueue Leading to Untraceable Revert Errors

#536 sherlock-admin4 closed 2 months ago
0
Happy Corduroy Dalmatian - Non compliance to CEI could open possible re-entrancy vectors

#535 sherlock-admin3 closed 2 months ago
0
Chilly Cherry Deer - `validateRepay` logic is incorrect, lead to funds discrepancies

#534 sherlock-admin2 closed 2 months ago
0
Deep Seaweed Haddock - Mint function in NFTPositionManager should use the built-in modifier `isPool`

#533 sherlock-admin4 closed 2 months ago
0
Big Mandarin Bison - Consider using call intead of transfer

#532 sherlock-admin3 closed 2 months ago
0
Curly Rose Mallard - Incorrect parameter is used in Supply event

#531 sherlock-admin2 closed 2 months ago
0
Dizzy Raspberry Pig - Wrong Emission of events in PoolLogic.sol::setReserveConfiguration and modifiers of PoolManager.sol contract

#530 sherlock-admin4 closed 2 months ago
0
Scruffy Midnight Boar - Use of "magic" numbers is discouraged

#529 sherlock-admin3 closed 2 months ago
0
Scruffy Midnight Boar - Using an outdated version of solidity is not recommended.

#528 sherlock-admin2 closed 2 months ago
0
Chilly Cherry Deer - Concurrent transactions will cause inconsistent collateral settings, impacting protocol stability

#527 sherlock-admin4 closed 2 months ago
0
Big Admiral Dove - An ETH repayer will receive leftover assets as WETH instead of ETH.

#526 sherlock-admin2 closed 2 months ago
0
Jumpy Watermelon Mockingbird - Zero Address Initialization for Reward Token makes Reward Distribution Mechanism non-functional

#525 sherlock-admin3 closed 2 months ago
0
Deep Seaweed Haddock - _poolAssetList in NFTPositionManagerStorage.sol no use.

#524 sherlock-admin4 closed 2 months ago
0
Dancing Cherry Yak - Collateral Liquidity Exhaustion Blocking Liquidations

#523 sherlock-admin2 closed 2 months ago
0
Deep Seaweed Haddock - The created vault is revokeProxy, not includes non revokable.

#522 sherlock-admin3 closed 2 months ago
0
Dancing Cherry Yak - Lack of Access Control in Pool and Vault Initialization Functions Causing Denial of Service

#521 sherlock-admin4 closed 2 months ago
0
Best Cider Panda - there is a bitwise operation error - 0XALIYAH

#520 sherlock-admin2 closed 2 months ago
0
jah - debtshare first need to be converted in to the desired amount

#519 sherlock-admin2 closed 2 months ago
0
14Kattel - Insufficient Validation of Reserve Factor in `executeBorrow`

#518 sherlock-admin2 closed 2 months ago
0
hyh - Assets can be locked on NFTPositionManager balance due to rounding violating payback conditions

#517 sherlock-admin2 closed 1 month ago
9
denzi_ - Incorrect Calculation of Assets in `getSupplyBalance()` and `getDebtBalance()` inside `PositionBalanceConfiguration.sol`

#516 sherlock-admin3 closed 2 months ago
0
jah - wrong logic lead to wrong calculation of interest rate

#515 sherlock-admin3 closed 2 months ago
0
dhank - Pool.sol::FlashLoan:: amountPlusPremium is considered instead of totalPremium to calculate the new interest Rate

#514 sherlock-admin3 closed 2 months ago
0
joshuajee - Due to an error in the logic when trying to withdraw, a lender who deposits after interest rate has already gone up won't be able to withdraw their whole balance.

#513 sherlock-admin3 closed 2 months ago
1
denzi_ - Repaying function will revert in most cases

#512 sherlock-admin4 closed 2 months ago
0
denzi_ - setReserveFactor() does not call updateState() before setting new reserveFactor

#511 sherlock-admin4 closed 2 months ago
1
denzi_ - Flashloan Adds Interest on top of already interest accruing amount

#510 sherlock-admin4 closed 2 months ago
0
Valy001 - missing check of timelock change pending state in submitCap in curatedVault.sol

#509 sherlock-admin4 closed 2 months ago
1
hyh - Rewards are overstated for assets with less than 18 dp and can be stolen by early claimers

#508 sherlock-admin2 closed 2 months ago
0
denzi_ - Repaying function will revert in most cases

#507 sherlock-admin2 closed 2 months ago
5
perseus - Incorrect balance calculation affects protocol users

#506 sherlock-admin2 closed 2 months ago
0
denzi_ - Last minute supply transaction to avoid liquidation can be reverted

#505 sherlock-admin2 closed 2 months ago
1
denzi_ - Incorrect Calculation of Assets in `getSupplyBalance()` and `getDebtBalance()` inside `PositionBalanceConfiguration.sol`

#504 sherlock-admin3 closed 2 months ago
0
neon2835 - PoolGetter's Calculation of User or Pool Balance and Debt is Not Real-Time, it may lead to severe and dangerous situations

#503 sherlock-admin3 closed 2 months ago
0
14Kattel - Supply Cap Bypass Due to Incorrect Calculation in `validateSupply`

#502 sherlock-admin3 closed 2 months ago
1
A2-security - Inflation Attack is possible on CuratedVault

#501 sherlock-admin2 closed 2 months ago
1
dhank - poolSorage.sol:: Missing the keyword abstract for PoolStorage abstract contract

#500 sherlock-admin4 closed 2 months ago
1
dhank - Pool.sol:liquidate()::LiquidityTaken is not considering the liquidationProtocolFeeAmount while calling updateInterestRate()

#499 sherlock-admin4 closed 2 months ago
0
jah - wrong calculation in function executeWithdraw

#498 sherlock-admin4 closed 2 months ago
5
dhank - Pool.sol:liquidate()::Since cache.nextDebtShares is not updated prior wrong interest rate is calculated.

#497 sherlock-admin2 closed 2 months ago
5
hyh - `Allocator` request for full pool withdrawal produce no withdrawal at all that leads to funds misallocation

#496 sherlock-admin2 closed 2 months ago
0
dhank - actualDebtToLiquidate is incorrectly calculated by assigning the share amount instead of the underlying assets , affecting the liquidator.

#495 sherlock-admin2 closed 2 months ago
0
dhank - Pool.sol :: repay() doesnt allow an approved address to repay onBehalfOf the owner deviating from the doc.

#494 sherlock-admin4 closed 2 months ago
2
dhank - Users cant execute borrow() even though the position is healthy , due to a missing "=" check

#493 sherlock-admin3 closed 2 months ago
1
iamnmt - Setting a new configurator in `PoolFactory` will cause the function `setReserveConfiguration` of the pools unusable

#492 sherlock-admin3 closed 2 months ago
0
dhank - Pool.sol:: Wrongly Implemented getSupplyBalance() , not returning the correct supplied asseets.

#491 sherlock-admin3 closed 2 months ago
0
Valy001 - unlimited number of pool reserves may cause DOS in certain circumstances

#490 sherlock-admin4 closed 2 months ago
1
perseus - Strict price freshness check will block important state operations

#489 sherlock-admin4 closed 2 months ago
0
ether_sky - The repayment process in the NFTPositionManager can sometimes be reverted

#488 sherlock-admin4 opened 2 months ago
0
thisvishalsingh - Incorrect cap on boosted balance in `boostedBalance` Function

#487 sherlock-admin4 closed 1 month ago
3