`unassignedEarnings` in a fixed pool may become inaccessible

An attacker can cancel other people's short orders

`PendlePowerFarmToken:: totalLpAssetsToDistribute` may lead to temporary DOS due to price growth check being skipped during deposit

Current Heartbeat Implementation May Lead to a Prolonged DoS for Chainlink Oracles

An attacker can DoS `enterFarm`

When borrowers repay USDS, it is sent to the wrong address, allowing anyone to burn Protocol Owned Liquidity and build bad debt for USDS

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

The use of spot price by CoreSaltyFeed can lead to price manipulation and undesired liquidations

formPOL lacks slippage and deadline protection

Chainlink price feed uses BTC, not WBTC. In case of depegging, oracles will become easier to manipulate.

Remove Liquidity has missing reserve1 DUST check, which can make reserve1 to be less than DUST

Rewards can be drained because of lack of access control

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

Users can not remove some amount of collateral from contract because of wrong implementation of "canRemoveCollateral()"

Anyone can pause AuctionHouse in _createAuction

CultureIndex.sol#dropTopVotedPiece() - Malicious user can manipulate topVotedPiece to DoS the whole CultureIndex and AuctionHouse

It may be possible to DoS AuctionHouse by specifying malicious creators

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Attacker can reenter to mint all the collection supply

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

On a Linear or Exponential Descending Sale Model, a user that mint on the last `block.timestamp` mint at an unexpected price.

Vulnerability in burnToMint function allowing double use of NFT

The RandomizerVRF and RandomizerRNG not produce hash value.

Auction winner can prevent payments via `safeTransferFrom` callback