Skip to content
This repository has been archived by the owner on Jan 7, 2024. It is now read-only.

Issues: sherlock-audit/2023-04-hubble-exchange-judging

16 Open 240 Closed
16 Open 240 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

lemonmon - Potential accounting problems due to issue in ClearingHouse.updatePositions() Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#248 opened Jul 4, 2023 by sherlock-admin
9
Bauchibred - No minAnswer/maxAnswer Circuit Breaker Checks while Querying Prices in Oracle.sol Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#241 opened Jul 4, 2023 by sherlock-admin
2
BugBusters - User will be forced liquidated Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#234 opened Jul 4, 2023 by sherlock-admin
9
0x52 - Rogue validators can manipulate funding rates and profit unfairly from liquidations Escalation Resolved This issue's escalations have been approved/rejected High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#183 opened Jul 3, 2023 by sherlock-admin
15
0x52 - Funding settlement will be DOS'd for a time after the phaseID change of an underlying chainlink aggregator Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#177 opened Jul 3, 2023 by sherlock-admin
1
0x52 - MarginAccountHelper will be bricked if registry.marginAccount or insuranceFund ever change Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#170 opened Jul 3, 2023 by sherlock-admin
1
0x52 - Malicious users can donate/leave dust amounts of collateral in contract during auctions to buy other collateral at very low prices Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#168 opened Jul 3, 2023 by sherlock-admin
1
0x52 - Failed withdrawals from VUSD#processWithdrawals will be lost forever Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#162 opened Jul 3, 2023 by sherlock-admin
3
0x52 - Malicious user can grief withdrawing users via VUSD reentrancy Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#153 opened Jul 3, 2023 by sherlock-admin
11
p12473 - ProcessWithdrawals is still DOS-able Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#116 opened Jul 3, 2023 by sherlock-admin
10
dirk_y - Malicious user can control premium emissions to steal margin from other traders Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#87 opened Jul 3, 2023 by sherlock-admin
8
lil.eth - min withdraw of 5 VUSD is not enough to prevent DOS via VUSD.sol#withdraw(amount) Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#81 opened Jul 3, 2023 by sherlock-admin
1
dirk_y - Malicious user can frontrun withdrawals from Insurance Fund to significantly decrease value of shares Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#72 opened Jul 3, 2023 by sherlock-admin
5
dirk_y - Setting stable price in oracle can result in arbitrate opportunities and significant bad debt if the stable depegs Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#69 opened Jul 3, 2023 by sherlock-admin
4
0xbepresent - Chainlink.latestRoundData() may return stale results Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#18 opened Jul 3, 2023 by sherlock-admin
3
moneyversed - Risk of Unfair Order Execution Price in _validateOrdersAndDetermineFillPrice Function Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#8 opened Jul 3, 2023 by sherlock-admin
4
ProTip! What’s not been updated in a month: updated:<2024-08-23.