sherlock-audit 2024-08-flayer-judging issues

sherlock-audit / 2024-08-flayer-judging

2 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xBhumii - Potential Duplicate Listing Vulnerability in `createListings` Function

#709 sherlock-admin2 opened 1 month ago
0
jah - when filling it is burning the tax that the lister paid

#708 sherlock-admin3 opened 1 month ago
0
utsav - Previous owner can `cancelListing()` or `modifyListing()` because reserve() doesn't deletes the `_listings` mapping

#707 sherlock-admin2 opened 1 month ago
0
Mansa11 - INFERNAL_RIFT_BELOW address can be HIghJacked By an Attacker

#706 sherlock-admin3 opened 1 month ago
0
zarkk01 - Lister is overpaying during the cancel of his listing on ```Listings::cancelListings()```.

#705 sherlock-admin2 opened 1 month ago
0
0x73696d616f - Malicious users will modify the price of a listing before it is filled to make buyers pay more

#704 sherlock-admin3 opened 1 month ago
0
0xBhumii - Denial of Service (DoS) Vulnerability in `createListings` Function Due to Unbounded Loop

#703 sherlock-admin2 opened 1 month ago
0
Mansa11 - Balance Reset in Beneficiary Fee Claim Function Leads to Potential Fund Loss

#702 sherlock-admin3 opened 1 month ago
0
anon339900 - Using transfer/transferFrom instead of safeTransfer/From can cause failed transfers

#701 sherlock-admin2 opened 1 month ago
0
0x73696d616f - Attackers can instantly manipulate debt due to `ProtectedListing::_currentCheckpoint()` incorrectly calculating the factor using the current utilization ratio

#700 sherlock-admin3 opened 1 month ago
0
Ironsidesec - Collection token address is prone to collision abuse

#699 sherlock-admin2 opened 1 month ago
0
utsav - `reserve()` doesn't deletes the `_isLiquidation` mapping, causing tax loss for owner in future

#698 sherlock-admin3 opened 1 month ago
0
Mansa11 - ETH Transfer Failure in `TokenEscrow`: Non-Payable Function Attempting ETH Withdrawal

#697 sherlock-admin2 opened 1 month ago
0
kuprum - A large collection can be shutdown though it shouldn't be

#696 sherlock-admin3 opened 1 month ago
0
Audinarey - Tokens are wrongly burnt from `ProtectedListing` during repayments

#695 sherlock-admin2 opened 1 month ago
0
g - Range of values for `duration` and `floorMultiple` will not work when creating listings

#694 sherlock-admin3 opened 1 month ago
0
0x73696d616f - `ProtectedListings::_createCheckpoint()` incorrectly updates the `compoundedFactor` instead of the utilization ratio which will lead to incorrect interest calculations and losses/wins for users

#693 sherlock-admin2 opened 1 month ago
0
0xAristos - LOSS OF PRECISION WHEN CALCULATING INTEREST RATE

#692 sherlock-admin3 opened 1 month ago
0
jah - due to wrong math the user have to pay more when canceling

#691 sherlock-admin2 opened 1 month ago
0
0x73696d616f - Malicious users will exploit the fact that `ProtectedListings::adjustPosition()` does not take a checkpoint and reduce their debt

#690 sherlock-admin3 opened 1 month ago
0
zarkk01 - The health of a ```ProtectedListing``` is incorrectly calculated if the ```tokenTaken``` has be changed through ```ProtectedListings::adjustPosition()```.

#689 sherlock-admin2 opened 1 month ago
0
0x73696d616f - The protocol will become insolvent and some nfts will be forever stuck

#688 sherlock-admin3 opened 1 month ago
0
utsav - `relist()` doesn't check if the listing is` liquidationLisiting` or not, paying unnecessary tax to the owner

#687 sherlock-admin2 opened 1 month ago
0
stuart_the_minion - Possibly incorrect listing type calculation

#686 sherlock-admin3 opened 1 month ago
0
shaflow01 - Excess eth will not be returned during initialization of initialize collection

#685 sherlock-admin2 opened 1 month ago
0
t.aksoy - Overflow in CollectionShutdown vote function can prevent collection shutdown

#684 sherlock-admin3 opened 1 month ago
0
0x73696d616f - `Listings::cancelListings()` overcharges extra funds from the user and will get them stuck

#683 sherlock-admin2 opened 1 month ago
0
utsav - `BaseImplementation:claim()` will be DoS for previous `beneficiary`

#682 sherlock-admin3 opened 1 month ago
0
Mansa11 - Potential Underflow in Listings Contract: Unchecked Decrement of listingCount

#681 sherlock-admin2 opened 1 month ago
0
0x73696d616f - Inflated interest rate calculation will trigger cascade liquidations

#680 sherlock-admin3 opened 1 month ago
0
theweb3mechanic - Gas refund is unfairly calculated during pause time

#679 sherlock-admin2 opened 1 month ago
0
dimulski - The formula for charging interest on reserved assets, charges much more than it should

#678 sherlock-admin3 opened 1 month ago
0
Parvez.eth - Incorrect Order of Division and Multiplication

#677 sherlock-admin2 opened 1 month ago
0
BugPull - Broken core contract functionality `UniswapImplementation::setFeeExemption` making `exemptionFee` is never useable

#676 sherlock-admin3 opened 1 month ago
0
utsav - Overflow in `params.quorumVotes` while shutdown of a collection

#675 sherlock-admin2 opened 1 month ago
0
tvdung94 - Initializing a new collection will always revert

#674 sherlock-admin3 opened 1 month ago
0
zarkk01 - User is not able to repay his ```ProtectedPosition``` when the ```Locker``` contract is paused leading to unwanted interest accumulated.

#673 sherlock-admin2 opened 1 month ago
0
zzykxx - Hardcoded starting spot price of `500 ether` for a 7 days dutch auction is too much

#672 sherlock-admin3 opened 1 month ago
0
Audinarey - Users can manipulate interest rate using their protected listings

#671 sherlock-admin2 opened 1 month ago
0
0xdice91 - Collections that were previously shutdown `cannot` be shutdown again.

#670 sherlock-admin3 opened 1 month ago
0
cnsdkc007 - only need to pay taxes to lock any NFT

#669 sherlock-admin2 opened 1 month ago
0
bareli - wrong defaultFee in "UniswapImplementation"

#668 sherlock-admin3 opened 1 month ago
0
Limbooo - Governance Deadlock Due to Exclusion of Locked Votes in Future Collection Shutdown Attempts

#667 sherlock-admin2 opened 1 month ago
0
zarkk01 - No slippage protection on ```Listings::fillListings()``` can cause ```buyer``` being front-runned by price change from ```lister``` and causing him to overpay.

#666 sherlock-admin3 opened 1 month ago
0
zzykxx - Settings a new tax calculator contract might lead to accounting inconsistencies

#665 sherlock-admin2 opened 1 month ago
0
ComposableSecurity - The `setTokenURIAndMintFromRiftAbove` function updates the token URI but does not emit the required URI event

#664 sherlock-admin3 opened 1 month ago
0
ComposableSecurity - The tokenURI function does not revert for invalid token IDs

#663 sherlock-admin2 opened 1 month ago
0
Tendency - L1 to L2 Token Transfers Always Fail Due to Alias Address Check Error

#662 sherlock-admin3 opened 1 month ago
0
jsmi - Attacker can dos denomination of any collection tokens.

#661 sherlock-admin2 opened 1 month ago
0
jah - missing a multiplication in tokensReceived lead to loss of fund for user

#660 sherlock-admin3 opened 1 month ago
0

Previous Next