Created April 23, 2024 07:03
Smart contract vulnerabilities
Reentrancy
Front-running
Integer overflow/underflow
Denial-of-Service (DoS)
Solidity-specific vulnerabilities
Uninitialized storage pointers
Unchecked external calls
Access control issues
Ether withdrawal issues
Transaction-ordering dependence (TOD)
Frontrunning in decentralized exchanges
Oracle manipulation
Chain reorganizations
Inadequate auditing and testing
Gas-related vulnerabilities
Time-dependent vulnerabilities
Unintended token transfers
Inadequate exception handling
Unsafe delegatecall usage
Proxy contract vulnerabilities
Batch overflow vulnerabilities
Insecure token standards
Arbitrary data storage and retrieval
Insufficient input validation
Storage layout vulnerabilities
Ether lockup vulnerabilities
Logic flaws in upgradeable contracts
Incorrectly implemented token standards
Unpredictable external contract calls
Malicious contract dependencies
Solidity compiler bugs
Overflowing mapping storage
Non-standard fallback functions
Incorrect gas calculations
Uninitialized contract variables
Denial of service through block.timestamp
Excessive contract complexity
Vulnerable third-party libraries
Incorrect event log handling
Contract function visibility issues
Poorly implemented randomness generation
Lack of access control in upgradeable contracts
Vulnerable constructor functions
Race conditions in contract execution
Token supply vulnerabilities
Gas token vulnerabilities
Smart contract self-destruct vulnerabilities
Integer arithmetic vulnerabilities
Unprotected upgrades
Insufficient gas stipends for external calls
Flash loan attacks
Incorrect array handling
Short address attacks
Gas limit exhaustion
Stuck ether
Zero-day exploits
Web3.js vulnerabilities
Gas price manipulation
Transaction malleability
Resource depletion
Replay attacks
Immutable contract vulnerabilities
Compiler bugs
Proxy contract issues
Economic attacks
Governance flaws
Bridging vulnerabilities
Fork vulnerabilities
Smart contract upgrade risks
Supply chain attacks
Chainlink vulnerabilities
Security token standard issues
Asset pegging vulnerabilities
Sybil attacks