sherlock-audit 2024-08-sentiment-v2-judging issues

sherlock-audit / 2024-08-sentiment-v2-judging

5 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Dazzling Ebony Oyster - Ineffective validation in deposit()

#626 sherlock-admin2 closed 3 months ago
0
Dazzling Ebony Oyster - No maximum depositQueue length check can result in user depositing to more pools than they consent

#625 sherlock-admin2 closed 3 months ago
0
Spare Chrome Oyster - ChainlinkUsdOracle incorrectly handles tokens with > 18 decimals

#624 sherlock-admin2 closed 3 months ago
0
Custom Cherry Shark - Lack of checking the interestFee in function initializePool

#623 sherlock-admin2 closed 3 months ago
1
Smooth Mahogany Lizard - Array out-of-bounds access

#622 sherlock-admin2 closed 3 months ago
0
Smooth Mahogany Lizard - Unused parameters

#621 sherlock-admin2 closed 3 months ago
0
Rapid Bronze Troll - New and old values should be emitted when sensitive changes are being made.

#620 sherlock-admin2 closed 3 months ago
0
Quaint Porcelain Worm - There is a receive function without a withdraw function at Position.sol

#619 sherlock-admin2 closed 3 months ago
0
Quaint Porcelain Worm - The deposit function of SuperPool does not revert on incomplete transfer of the assets to the pools

#618 sherlock-admin2 closed 3 months ago
0
Polished White Coyote - Lack of Input Validation at getValueInEth for FixedPriceOracle contract

#617 sherlock-admin2 closed 3 months ago
0
Polished White Coyote - No Check on SuperPool Address Validity at deploySuperPool for SuperPoolFactory contract

#616 sherlock-admin2 closed 3 months ago
0
Polished White Coyote - Insufficient Event Logging at requestLtvUpdate, acceptLtvUpdate, rejectLtvUpdate for RiskEngine contract

#615 sherlock-admin2 closed 3 months ago
0
Polished White Coyote - Fixed Fee Parameters at Pool contract

#614 sherlock-admin2 closed 3 months ago
0
hash - User's monitoring for bad debt can cause severe losses for other users

#613 sherlock-admin3 closed 2 months ago
0
thisvishalsingh - Insecure Management of Operator Permissions in Pool Contract

#612 sherlock-admin2 closed 2 months ago
1
theweb3mechanic - Pause mechanisms can be bypassed to carry out withdrawals in the pool contract

#611 sherlock-admin3 closed 2 months ago
1
AresAudits - ERC6909.sol Does Not Follow EIP-6909 Implementation

#610 sherlock-admin2 closed 2 months ago
1
A2-security - `SuperPoolFactory.deploySuperPool()` could be dossed

#609 sherlock-admin3 closed 2 months ago
0
0xAristos - [M-5] Inability to Transfer Out Delisted Assets from PositionAsset Array

#608 sherlock-admin2 closed 2 months ago
0
dhank - Invalid check of poolCap while reallocating assets.

#607 sherlock-admin3 closed 2 months ago
0
Oblivionis - liquidators are not incentivized and liquidation may revert for high LTV pools

#606 sherlock-admin2 closed 2 months ago
0
bhilare_ - A user can save himself from complete loss from liquidation without repaying, and can cause griefing/loss for the POOL owners.

#605 sherlock-admin3 closed 2 months ago
1
Anirruth - Oracle precision can differ.

#604 sherlock-admin2 closed 2 months ago
1
ajayss - initial depositor will use inflation attack of ERC4626 to steal subsequent deposit assets

#603 sherlock-admin3 closed 2 months ago
5
dhank - Protocol lets the asset to accumulate in the SuperPool contract without depsoting to available deposit pools.

#602 sherlock-admin2 closed 2 months ago
1
Darinrikusham - Calculation issue will impact in loss in user funds and DOS

#601 sherlock-admin3 closed 1 month ago
12
0xKartikgiri00 - Liquidator will lose it's funds while liquidation.

#600 sherlock-admin2 closed 2 months ago
0
0xAadi - Unilateral Fee Adjustment by contract owner in Pool Contracts instead of Pool Owners

#599 sherlock-admin3 closed 2 months ago
1
S3v3ru5 - First deposit after rebalancing might receive shares worth of less value

#598 sherlock-admin2 closed 2 months ago
0
vatsal - rounding error due to internal accounting and can steal some portion of the first depositors funds

#597 sherlock-admin3 opened 3 months ago
1
0xarno - Attacker Can Inflate Collateral by Exploiting Double Entry Point Tokens

#596 sherlock-admin2 closed 2 months ago
1
MohammedRizwan - The Pausable functionalit of `SuperPool.sol` contract is useless as its not used on contracts functions

#595 sherlock-admin3 closed 2 months ago
0
AlexCzm - Hardcoded redstone oracle deviation threshold

#594 sherlock-admin2 closed 2 months ago
0
AresAudits - Approval Race Condition for USDT Token

#593 sherlock-admin3 closed 2 months ago
0
theweb3mechanic - Borrowers can experience temporary denial of acces to thier funds with the protocol

#592 sherlock-admin2 closed 2 months ago
0
valuevalk - Missing price validations for RedstoneOracle can compromise protocol's integrity

#591 sherlock-admin3 closed 2 months ago
18
h2134 - Large amount of pool assets can be transferred to position by providing much less collaterals

#590 sherlock-admin2 closed 2 months ago
7
0xAadi - Missing ETH-USD Feed on Certain Networks Limits Functionality of RedstoneCoreOracle Contract

#589 sherlock-admin3 closed 2 months ago
1
AresAudits - Frontrunning in `initializePool` Function may leads to DOS and making owner to spend more on pool initialization

#588 sherlock-admin2 closed 2 months ago
1
Maccart224 - Borrowers will avoid fees, causing a loss of revenue for the protocol

#587 sherlock-admin3 closed 2 months ago
1
0xLeveler - Deployment of superPools with certain accepted assets will fail

#586 sherlock-admin2 closed 2 months ago
0
hash - User's can create non-liquidateable positions by leveraging `rebalanceBadDebt` to decrease share price

#585 sherlock-admin3 opened 3 months ago
18
hash - New depositors can loose their assets due to existing shares when totalAssets is 0 following a bad debt rebalance

#584 sherlock-admin2 closed 2 months ago
8
0xc0ffEE - Unpaid loan will block SuperPool owner from removing pools

#583 sherlock-admin3 closed 2 months ago
1
smbv-1923 - Loss of users fund through share inflation attack in `Pool.sol`

#582 sherlock-admin2 closed 2 months ago
6
hash - Planned large liquidation fees will make liquidation not profitable causing bad debt

#581 sherlock-admin3 closed 2 months ago
0
hash - Division before multiplication causes precision losses for asset valuation

#580 sherlock-admin2 closed 2 months ago
0
hash - Incorrect decimal adjustment in `ChainlinkUsdOracle`

#579 sherlock-admin3 closed 2 months ago
15
hash - KinkedRateModel's `getInterestRate` rounds down favour of the borrower's

#578 sherlock-admin2 closed 1 month ago
11
HHK - Users can still deposit in the SuperPool when it's paused

#577 sherlock-admin3 closed 2 months ago
0