`SdtStakingPositionService.processSdtRewards` could record the wrong amount of sdt reward.

`QVSimpleStrategy` never updates `allocator.voiceCredits`.

`recipientsCounter` should start from 1 in `DonationVotingMerkleDistributionBaseStrategy`

`RFPSimpleStrategy._distribute` may fail due to wrong check of enough funds

`RFPSimpleStrategy._registerRecipient` always reverts if `useRegistryAnchor` is true

`QVBaseStrategy._qv_allocate` miscalculate `voiceCreditsCastToRecipient`

`RFPSimpleStrategy.setMilestones` can only be called once

`Vault._update_debt` doesn't accumulate any interest.

`reduce_margin_by_amount` in `Vault.reduce_position` is wrongly calculated

The reduced margin doesn't return to the trader in `Vault.reduce_position`.

`Vault._amount_per_base_lp_share` should also consider bad debt when `safety_module_lp_total_amount` is not enough

`L1ECOBridge.inflationMultiplier` may be stale.

`StableOracleWBTC` uses the wrong Chainlink priceFeed

Anyone can call `USSD.mintRebalancer` and `USSD.burnRebalancer`. An attacker can use it to block others from minting tokens.

`USSDRebalancer.BuyUSSDSellCollateral` should check `collateral[i].pathsell.length` in else path as well.

`latestRoundData` could return stale or incorrect result

`USSD.mintForToken` should have a `minAmountReceived`.

`USSDRebalancer.SellUSSDBuyCollateral` should confirm that `collateral[i].pathbuy` is not empty

Transfer in `FootiumPrizeDistributor.claimERC20Prize()` could fail and cause the loss of user’s funds

The leaf value of `clubDivsMerkleTree` should not be exactly 64 bytes long prior to hashing

`ClaimFaucet.sendInterests` could be unfair if `interests == loan.payment.minInterestsToRepay`

`toPay` may drop to 0, some ERC20 cannot transfer 0, resulting in failure to liquidate.

The decimals of collateral may different from 1e18, causing the user to borrow more than the real amount that can be borrowed.

`currentMinted` doesn't return to zero.

`swap()` will be reverted if `path` has more tokens.

Attackers can manipulate loan token price per share to take an unfair share of future users.

If the decimals of collateral tokens is much higher than the decimals of loan tokens, the collateral ratio could be very low.

`feeRecipient` could be address(0) when `_feeMantissa` > 0

Wrong calculation of `_accruedFeeShares`

`reconcileSignerCount()` would be blocked if `validSignerCount > maxSigners`, Safe would not be able to execute any transactions, all assets would be locked.

`checkAfterExecution()` will always be reverted, Safe would not be able to execute any transactions, all assets would be locked.

Nested linked trees could cause recursion stack overflow

An inconsistency in the behaviour of `balanceOf()` and `balanceOfBatch()`.

`userRewardDebts` shouldn’t be cleared before setting `cachedUserRewards`

`cachedUserRewards` and `userRewardDebts` shouldn’t be divided by 1e18 in `internalRewardsForToken()` and `externalRewardsForToken()

`_accumulateInternalRewards()` could revert if `block.timestamp > rewardToken.lastRewardTime`

Faulty math in `internalRewardsForToken()` leads to Denial of Service

Lenders didn't receive their interest.

`BountyCore.receiveFunds` only checks `_volume != 0` when `_tokenAddress == address(0)`. Malicious users can create many deposits without depositing any funds.

A refunded NFT could block `ClaimManagerV1.claimBounty`

A malicious User can deposit a malicious erc20 token to DOS the bounty

A malicious user can block other users from calling `refundDeposit()`

Refunding NFT doesn't decrease the length of nftDeposits. A malicious user can block other users from depositing any NFT.

`setPayoutScheduleFixed`, `setPayoutSchedule` Unable to resize to fewer tiers

Anyone can call `rebalance()` to get excess tokens when `shortFall < 0`, these excess tokens are not used in `rebalance()`

User/Gov's quoteToken allowance which is approved for `depositInsurance()` will be maliciously used on `rebalance()`

`rebalance()` will always be reverted because `_rebalanceNegativePnlWithSwap()` doesn't approve assetToken for spotSwapper

`rebalance()` will always be reverted because it doesn't approve quoteToken for vault

The calculation of `feeAmount ` is incorrect in `Perp._placePerpOrder`

Wrong `CHANGE_COLLATERAL_DELAY` in CollateralBook

Misconfiguration in RoleControl constructor of isoUSDToken

Malicious Bulls can use `transferPosition()` to bypass `checkIsValidOrder()`.

Attackers can use `reclaimContract()` to transfer assets in protocol to address(0)

It should store contractId instead of recipient in `withdrawableCollectionTokenId`

It doesn't handle fee-on-transfer/deflationary tokens

If a user approves junior vault tokens to WithdrawPeriphery, anyone can withdraw/redeem his/her token

Attackers can manipulate ERC4626 price per share to take an unfair share of future users.

Template implementations doesn't validate configurations properly

Attackers can bypass `tokensPerMint` and mint lots of tokens in a transaction

`ERC1155NFTProduct` does not support full functionality of `ERC1155`

`removeAdapter()` doesn't pop the market index in `withdrawSeq`, leading to users not being able to call withdraw

Supply cap of VariableSupplyERC20Token is not properly enforced

Price oracle could get a stale price

A proposal can be cancelled by anyone if the proposal has exactly proposalThreshold votes

`LEther.sol` doesn't properly call `updateState()` upon receiving ether

Price oracle could get a stale price

VaultTracker miscalculates compounding interest

VaultTracker has the wrong admin

transfer() depends on gas consts

`DNSSECImpl.verifySignature` compares strings incorrectly, allowing malicious zones to forge DNSSEC trust chain

Incorrect implementation of `RRUtils.serialNumberGte`

Renew of 2nd level domain is not done properly

BytesUtil.compare returns wrong result on some strings longer than 32 characters

ERC5095 redeem/withdraw does not update allowances

Able to mint any amount of PT

attacker can call sweepRewardToken() when `bribesProcessor==0` and reward funds will be lost because there is no check in sweepRewardToken() and _handleRewardTransfer() and _sendTokenToBribesProcessor()

`_harvest` has no slippage protection when swapping `auraBAL` for `AURA`

Badger rewards from Hidden Hand can permanently prevent Strategy from receiving bribes

Sellers may lose NFTs when orders is matched with `matchOrders()`

Overpayment of native ETH is not refunded to buyer

Calling `unstake()` can cause locked funds

`LibDiamond.diamondCut()` should check `diamondStorage().acceptanceTimes[keccak256(abi.encode(_diamondCut))] != 0`

Inconsistent Order Book Accounting When Working With Transfer-On-Fee or Deflationary Tokens

Cannot deposit to BathToken if token is Deflationary Token (BathHouse.sol)

RubiconRouter: Excess ether did not return to the user

No cap on fees can result in a DOS in BathToken.withdraw()

Deprecated variables may cause DoS

Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

Use `call()` instead of `transfer()` when transferring ETH in RubiconRouter

The check for value transfer success is made after the return statement in _withdrawFromYieldPool of LidoVault

Expiration calculation overflows if call option duration ≥ 195 days

It shouldn’t be possible to create a vault with Cally’ own token

`createVault()` does not confirm whether `tokenType` and `token`’s type are the same

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Owner can modify the feeRate on existing vaults and steal the strike value on exercise

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited

User's may accidentally overpay in `buyOption()` and the excess will be paid to the vault creator

SpeedBumpPriceGate: Excess ether did not return to the user

MerkleResistor: zero coinsPerSecond will brick tranche initialization and withdrawals

amount requires to be updated to contract balance increase (1)

Protocol doesn't handle fee on transfer tokens

Critical variables shouldn't be changed after they are set

Chainlink pricer is using a deprecated API

Owner or Managers can rug Aave rewards

Critical Oracle Manipulation Risk by Lender

Reentrancy at _requestLoan allows requesting a loan without supplying collateral