`PartyGovernanceNFT#rageQuit()` can lead to token loss for users when dealing with zero-balance ERC20 during a `rageQuit()`

User can steal tokens by using duplicated ERC20 tokens as parameter in NounsDAOLogicV1Fork.quit

`unauthorize()` can be front-run so that the malicious authorized user would get their authority back

Basket range formula is inefficient, leading the protocol to unnecessary haircut

In case that `unstakingDelay` is decreased, users who have previously unstaked would have to wait more than `unstakingDelay` for new unstakes

`refresh()` will revert on Oracle deprecation, effectively disabling part of the protocol

`Asset.lotPrice()` doesn't use the most recent price in case of oracle timeout

Users can bypass the `maxWinPercent` limit using a partially closing

`safeTransferMany()` doesn't actually use safe transfer

Centralization risks: owner can freeze withdraws and use timelock to steal all funds

User can close an order via `limitClose()`, and take bot fees to themselves

`executeLimitOrder()` modifies open-interest with a wrong position value

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

ETH will get stuck if all NFTs do not get sold.

Sale contracts can be bricked if any other minter mints a token with an id that overlaps the sale

Creator can still "cancel" a sale after it has started by revoking permissions in `OpenEdition` contract

Failed job can't be recovered. NFT may be lost.

Gas limit check is inaccurate, leading to an operator being able to fail a job intentionally

If user sets a low `gasPrice` the operator would have to choose between being locked out of the pod or executing the job anyway

An attacker can lock operator out of the pod by setting gas limit that's higher than the block gas limit of dest chain

Beaming job might freeze on dest chain under some conditions, leading to owner loosing (temporarily) access to token

Loss of vested amounts

# Only part of `keccak256()` is used as hash, making it susceptible to collision attacks

Try-catch block at `Auction._createAuction()` will only catch string errors

Any borrower with bad debt can be liquidated multiple times to lock funds in the lending pair

`liquidate()` doesn't mark off bad debt, leading to a 'last lender to withdraw looses' scenario

Penalty rate is used for pre-maturity date as well

FraxlendPair#setTimeLock: Allows the owner to reset TIME_LOCK_ADDRESS

Interest can be significantly lower if `addInterest` isn't called frequently enough

Impossible to `setCreationCode()` with code size less than 13K

Wrong percent for `FraxlendPairCore.dirtyLiquidationFee`.

Liquidator might end up paying much more asset than collateral received

Builder can call `Community.escrow` again to reduce debt further using same signatures

Project funds can be drained by reusing signatures, in some cases

Attacker can drain all the projects within minutes, if admin account has been exposed

Anyone can create disputes if `contractor` is not set

`Project.raiseDispute()` doesn't use approvedHashes - meaning users who use contracts can't raise disputes

Vault implementation can be destroyed leading to loss of all assets

Division rounding can make fraction-price lower than intended (down to zero)

Cash-out from a successful buyout allows an attacker to drain Ether from the `Buyout` contract

An attacker can DoS vault's buyout with as little as 1 wei per 4 days

[Buyout module] Fraction price is not updated when total supply changes

Malicious Token Contracts May Lead To Locking Orders