Non-whitelisted owner can also hold/own a troveNFT

The current implementation is incompatible with `WBTC` as collateral token

Sqrt function silently reverts the entire control flow when a packed float of 0 value is passed

Natural Logarithm Function Silently Accepts Invalid Non-Positive Inputs

All reallocate cross-chain token and rewards will be lost for the users using the account abstraction wallet

Attacker can weaponize payWithERC20() to drain all balance from victim

Anyone who is approving `BlueprintV5` contract to spend ERC20 can get drained because `Payment::payWithERC20`

`Vesting.sol` use `initializer` modifier instead of `onlyInitializing`

Attacker can halt staking reward by frequently calling core function that later would call `SymmStaking::_updateRewardsStates`

User can experience DoS when calling `SymmVesting::addLiquidity` second time after some duration

Attacker can reset remaining reward duration to default duration by calling `SymmStaking::notifyRewardAmount` and providing dust amount as additional reward

Improper Transfer Restrictions on Non-Bridged Tokens Due to Boolean Bridged Token Tracking, Allowing a DoS Attack Vector

Incorrect calculation on `userTokens` when user call `updateParticipation()`

`Launch::updateParticipation` incorrectly update the total tokens requested for user by the `currencyAmount`

ZENO Token Redemption Returns Negligible USDC Amount Compared to Purchase Price

Incorrect decimal handling in `Auction::buy()` leads to massive overpayment for ZENO tokens

Multiple issues from unnecessary balance increase calculation in DebtToken.mint

Reward manipulation vulnerability in StabilityPool

RToken's transfer function lead to loss of funds due to incorrect math

Any attempt to liquidate a user will fail, because StabilityPool does not hold crvUSD during operational lifecycle

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

Incorrect utilization rate forces protocol to issue maximum rewards indefinitely

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

RToken.transferFrom() Does Not Scale User Balances Due to Stale Liquidity Index

LendingPool deposits do not work with CurveVault due to lack of funds

There is no logic checking for RAACNFT price staleness before minting it

`RToken::calculateDustAmount` are incorrectly calculated, leading to not be able to transfer the accrued dust amount

LendingPool.getUserDebt returns outdated value and can lead to liquidation failure

The earned yield from the Curve vault can never be utilized when withdrawing or borrowing

When the prime rate is updated by the oracle, the values of the sub-rates are not ajdusted accordingly, which can cause loss of assets for borrowers

Cross-Chain Signature Replay Attack Due to User-Supplied `domainSeparator` and Missing Deadline Check

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Protocol fee amount calculation is inconsistent

The remaining deposit BLP will be stuck in `BalancerRouter.sol` when the user makes a deposit to `PreDeposit.sol`

Blocklisted bidder cannot be removed from auction even his bid == lowestBidIndex and his can make auction always fail

Incorrect fee calculation when protocol call `Pool::claimFees` resulting really small amount of fees

`Auction::endAuction` would always fail

USDC Blacklisted address can DoS new bid in `Auction.sol`

Failed auction period still update `sharesPerToken` like it is succeed

`Auction::endAuction` result can be manipulated

Stuck fund if `BalancerRouter::joinBalancerAndPredeposit` amount of `balancerPoolTokenReceived` is higher than the current unfulfilled deposit cap in `PreDeposit`

Users can claim more that their actual allotment

Creator of one vesting plan can affect vesting plans created by other users.

Users can claim more that their actual allotment

Missing sellable check in completePurchase will cause a user to buy a token marked as unsellable by S2ADMIN if it was listed beforehand

Listing potential can not be purchased with discounted price

`sellQuote` and `buyQuote` are missing deadline check in `LamboVEthRouter`

Minting zero tokens when underlyingToken is not Ether in cashIn()

Since the cost of launching a new pool is minimal, an attacker can maliciously consume VirtualTokens.

Lack of slippage on `sellVotes()`

Inaccurate `marketFunds` update in `ReputationMarket::buyVotes` will makes the market funds not reflected correctly

`EthosVouch::unvouch` allows the accused avoid slashing during the accusation period

Borrower can not `extendLoan` if the `maxDuration` is under 5 days due to underflow

Anyone can call `DLOFactory::deleteOrder` multiple times to delete others lend offer from contracts state

Lack of Validation for `tierConfigs[i].minted` Value in New Tiers During DAO Membership Update

User can only make a claim once and can't claim on remaining available epochs, although there are still rewards to claim

`drawRaffle()` cannot be call, this results in boost participants not getting their incentives

Fee on Transfer and Rebasing Token can't be used for budget asset

There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback` function

Reentrancy Vulnerability Allows Bypass of Cooldown, Leading to Unfair Reward Extraction Through Flash Loan

Refunds sent to incorrect addresses in certain cases

Inconsistent Data Handling in getSupplyBalance Leading to Incorrect Balance Calculation

`ZEROLEND` protocol can consume stale price data or cant operate on some EVM chains

Non-Zero Allowance Change and Approval Vulnerability in approve, reallocate, and deploySuperPool Functions

`ChainlinkEthOracle` and `ChainlinkUsdOracle` did not check `minAnswer` and `maxAnswer`, this may cause wrong price

The `superPool` contract cannot be `paused` and `unpaused` completely when needed (i.e. `superPool` is hacked) because none of the functions in it use the `whenNotPaused` and `whenPaused` modifiers

Funds can be locked indefinitely in NukeFund.sol

Pause and unpause functions are inaccessible

Imprecise token age calculation results in an incorrect nuke factor, causing users to claim the wrong amount

Unsafe Use of 'transfer()'/'transferFrom()' on ERC20

Lack of slippage and deadline during withdraw and deposit

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

AccountingManager has no correct implementations of the core ERC-4626 functions `deposit`, `mint`, `withdraw` and `redeem`

Lack of Slippage Controls in retrieveTokensForWithdraw Function

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

The `BURNER` cannot burn tokens from accounts not KYC verified due to the check in `_beforeTokenTransfer`.

V3Vault is not ERC-4626 compliant

PrincipalToken is not ERC-5095 compliant

Attack to make ````CurveSubject```` to be a ````HoneyPot````

There is no way to liquidate a position if it breaches maxDebtPerCollateralToken value creating bad debt.

`ODSafeManager#allowSAFE()` cannot be executed either by the proxy contract or any other address.