Malicious proposer can DOS bridge withdrawals

Attacker can use outdated API data in CDS.withdraw()

BorrowLib.withdraw() ignores the downside protection when transferring the repayment

`CDSLib.withdrawUser()` will underflow if collateral price decreases after liquidation

Treasury will run out of liquidated funds to give to withdrawing users causing withdrawals to fail

user will pay more debt because cumulative rate isn't updated before their deposit

Casting the quorum votes to uint88 causes the value to be smaller than expected for high decimal collection tokens.

Attacker can cancel an executed shutdown

User can't claim royalties for bridged ERC1155 tokens

Reserved listing can be cancelled by the owner

User will pay more taxes than they should when they modify an existing listings floor multiple

Moongate uses universal royalty for all the bridged tokens of an ERC721 contract

Reentrancy Vulnerability Allows Bypass of Cooldown, Leading to Unfair Reward Extraction Through Flash Loan

Incorrect Fee Handling Prevents Protocol from Updating Fees

The maximum number of generations is infinite

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`

`Flashlender.sol#flashLoan()` should use `mintProfit()` to mint fees. The current implemetation may lead to locked up WETH in PoolV3.

Paused gauge will continue to accrue funds that aren't claimable

RewardDistributorV2 can use outdated totalSupply in reward calculation

Team receives more emissions than they should each cycle

First depositor in stable pair can DOS pool

Attacker can decrease reward rate in ZivoeRewards and ZivoeRewardsVesting

ZivoeRewardsVesting's totalSupply breaks when a user's vesting schedule is revoked

ZivoeRewardsVesting leaves a user voting power after their token allocation was revoked

OCL_ZVE can fail to provide liquidity to Uni v2 pool

The price of rsEHT could be manipulated by the first staker

Protocol mints less rsETH on deposit than intended

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Attacker can reenter to mint all the collection supply

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

Vulnerability in burnToMint function allowing double use of NFT

Attacker can prevent rewards from being issued to gauges for a given epoch in TapiocaOptionBroker

`emitForWeek` will lose `emissionForWeek` if one week is skipped

CompoundStrategy `_currentBalance` uses `exchangeRateStored` which is leaks value

all deposit and withdraw function in Convex and Curve nativeLP Strategy, apply slippage on internal pricing; which call real-time on chain price from Curve directly and subject to MEV

tOLP tokens that are not unlocked after they have expired cause the reward distribution to be flawed

[HB09] `emergencyWithdraw` on all strategy contracts useless without a pause mechanism

Party A can prevent a position from being emergency closed

LiquidationFacet allows `setPrice` to be called with outdated prices

`openPosition()` doesn't check the solvency of both parties properly

Liquidator should always be rewarded for liquidations

Liquidating pending quotes doesn't return trading fee to party A

FeeCollector withdrawing funds can prevent pending quotes from being canceled

Unitas includes funds inside portfolio when calculating total reserves

Price tolerance can break protocol if USDT depegs.

USD1 is priced as $1 instead of being pegged to USDT

Oracle contract doesn't check for outdated price data

Attacker can brick AAVE v3 module for assets with approval race condition protection

Delegation rewards are not counted toward granting fund

The voting thresholds in Ajna's Extraordinary Funding Mechanism can be manipulated to execute proposals below the expected threshold.

It is impossible to slash queued withdrawals that contain a malicious strategy due to a misplacement of the ++i increment

JUSD borrow fee rate is less than it should be

JUSDBank should mint/burn JUSD instead of only transferring it

Commited collateral can be changed after bid was created

CollateralManager allows the same collateral address to be added twice

Can't pause or remove a minter

POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES

function `restructureCapTable()` in Equity.sol not functioning as expected

PrivatePool owner can steal all ERC20 and NFT from user via arbitrary execution

`PrivatePool.flashLoan()` takes fee from the wrong address

Malicious royalty recipient can steal excess eth from buy orders

Royalty recipients will not get fair share of royalties

EthRouter can't perform multiple changes

Position doesn't distribute rewards to users

Placeholder

Zero reward rate calculation impedes low-decimals token distributions

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Non-ideal rETH/WETH pool used pays unnecessary fees

Users can end up buying and paying for a different Tray than the one they were trying to acquire

User can bypass Carousel's depositFee using the deposit queue

attacker can cause user's rollover to not be executed

Attacker can block deposit & rollover queue

Controller doesn't send treasury funds to the vault's treasury address

Attacker can DOS user's deposit by spamming the queue

Underflow of `lpPosition.points` during withdrawLP causes huge reward minting

User can prevent liquidations by frontrunning the tx and slightly increasing their collateral

TAU doesn't decrease vault's mint amount when tokens are burned

Vault executes swaps without slippage protection

Vault doesn't claim rewards when a protocol is blacklisted

Vault will revert when depositing into a protocol with USDT as the underlying token

Vault rebalance can cause deposits to revert

User can receive more rewards through a mistake in the withdrawal logic

`cachedUserRewards` aren't reset after the user claimed them

`cachedUserRewards` can cause subsequent reward claims to revert because of an underflow

Any unclaimed rewards will be lost when the admin removes a reward token

Creating an internal reward token with a start timestamp in the future will cause deposits & withdrawals to revert

Vault's migration contract can't really migrate anything

User can game withdrawal requests to be able to withdraw their whole balance in every cycle

Too many active protections can cause the ProtectionPool reach the block gas limit

Possibility of deposits reverting in rare scenario where pool goes from locked to active state

Excess underlying tokens withdrawn through the BlueBerryBank from the SoftVault will be locked up

Positions won't be liquidatable at the correct threshold because of an accounting issue in `withdrawLend()`

Deposits can be refunded after a bounty closed

Refunding an NFT will result in claims being reverted

Bounty refunds are first come first serve

Attacker can DOS bounty's NFT rewards

Attacker can DOS bounty by funding it with worthless ERC20 tokens

First vault depositor can steal other's assets

Incorrect Reward Duration After Change in Reward Speed in MultiRewardStaking

Vault creator can't change feeRecipient after deployment

Vault creator can't change quitPeriod

`MultiRewardStaking.changeRewardSpeed()` breaks the distribution

cool down time period is not properly respected for the `harvest` method

Anyone can reset fees to 0 value when Vault is deployed

Multiple accounts can have the same identity

Protocol fees can be withdrawn multiple times in `Erc20Quest`

User may loose rewards if the receipt is minted after quest end time

Convenience contract fails to function if asset or collateral is an ERC20 token with fees

Vault's don't verify that a strategy's deadline has passed

FlashAuction doesn't pass the initiator to the recipient

`FeeRefund.tokenGasPriceFactor` is not included in signed transaction data allowing the submitter to steal funds

`PerpDepository.rebalance()` can be abused to steal funds

Collateral NFT deposited to a wrong address, when transferred directly to `PaprController`

Lock.sol: assets deposited with Lock.extendLock function are lost

Incorrect Assumption of Stablecoin Market Stability

Trading will not work on ethereum if USDT is used

Centralization risks: owner can freeze withdraws and use timelock to steal all funds

Unreleased locks cause the reward distribution to be flawed in BondNFT

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

Editions should be checked if they are actually deployed from the legitimate Escher721Factory

selfdestruct() will not be available after EIP-4758

WETH.sol computes the wrong totalSupply()

Anyone can create Proposal Unigov Proposal-Store.sol

It's not possible to execute governance proposals through the GovernorBravoDelegate contract

Comptroller uses the wrong address for the WETH contract

Accountant can't be initialized

User can redirect fees by using a proxy contract

Malicious Users Can Drain The Assets Of Auto Compound Vault

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

Attacker can lockup all tokens held by BvbProtocol contract

Protocol can't handle fee-on-transfer tokens

Incompatibility with fee-on-transfer/inflationary/deflationary/rebasing tokens, on both base tokens and quote tokens, with varying impacts

Whitelisted functions aren't scoped to revenue contracts and may lead to unnoticed calls due to selector clashing

Variable balance ERC20 support

Borrower/Lender excessive ETH not refunded and permanently locked in protocol

Reward can be over- or undercounted in `extendPledge` and `increasePledgeRewardPerVote`

Oracle's two-day feature can be gamed

Oracle assumes token and feed decimals will be limited to 18 decimals

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

`Reedemer.redeem()` for Sense will always fail

Changing the converter in the Redeemer contract will break the redeem functionality for 3 principals

Can't create multiple markets for ERC20 tokens that have approval protections

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount

Protocol can be easily rug-pulled by the owner

First depositor to Vault can break minting of shares

Adding same plugin twice can break vault's internal bookkeeping

Chainlink oracle isn't validated properly

frxETHMinter: Non-conforming ERC20 tokens not recoverable

Loss of vested amounts

not able to create claim

Supply cap of VariableSupplyERC20Token is not properly enforced

LEther doesn't update the state on deposits and redeems

Chainlink oracle isn't validated properly

TRSRY: front-runnable `setApprovalFor`

Missing upper limit definition in replaceLenderFee() of HomeFi.sol

Change of operators possible from old operators

transfer() depends on gas consts

```migrateFractions``` may be called more than once by the same user which may lead to loss of tokens for other users

A VAULT OWNER CAN BE ALSO THE CONTROLLER AND ARBITRARILY SET THE SECONDARY MARKET ROYALTIES

An attacker can DoS vault's buyout with as little as 1 wei per 4 days

Use of `payable.transfer()` may lock user funds

ORACLE DATA FEED CAN BE OUTDATED YET USED ANYWAYS WHICH WILL IMPACT ON PAYMENT LOGIC

Use a safe transfer helper library for ERC20 transfers

Discounted fee calculation is imprecise and calculates less fees than anticipated

Overpayment of native ETH is not refunded to buyer

Calling `unstake()` can cause locked funds

Protocol fee rate can be arbitrarily modified by the owner and the new rate will apply to all existing orders

InfinityExchange computes gas refunds in a way where the first order's buyer pays less than the later ones

WETH.sol computes the wrong totalSupply()

Anyone can create Proposal Unigov Proposal-Store.sol

It's not possible to execute governance proposals through the GovernorBravoDelegate contract

Comptroller uses the wrong address for the WETH contract

Accountant can't be initialized

User can redirect fees by using a proxy contract

`PortcalFacet.repayAavePortal()` can trigger an underflow of `routerBalances`

Did Not Approve To Zero First Causing Certain Token Transfer To Fail

FeeBurner initiates swap without any slippage checks if Chainlink oracle fails

`VE3DRewardPool` and `VE3DLocker` adds to an unbounded array which may potentially lock all rewards in the contract

VE3DRewardPool allows the same reward address to be added multiple times to the `extraRewards` array

Attacker can block LayerZero channel

Malicious user can populate `rewards` array with tokens of their interest reaching limits of `MAX_REWARD_TOKENS`

Voting tokens may be lost when given to non-EOA accounts

RedemptionSender should estimate fees to prevent failed transactions

RubiconRouter.swapEntireBalance() doesn't handle the slippage check properly

Strategists can't be removed

RubiconRouter: Excess ether did not return to the user

No cap on fees can result in a DOS in BathToken.withdraw()

Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

`RubiconMarket.sol#isClosed()` always returns false, making the market can not be stopped as designed

Early funds withdrawers can get bonus in multiples of vested bonus tokens (e.g. 2-times, 3-times, etc.)

Strategist can transfer user funds to themselves

BathBuddy locks up Ether it receives

Use `call()` instead of `transfer()` when transferring ETH in RubiconRouter

no-revert-on-transfer ERC20 tokens can be drained

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

User's may accidentally overpay in `buyOption()` and the excess will be paid to the vault creator

YearnTokenAdapter allows a maximum loss of 100% when withdrawing

amount requires to be updated to contract balance increase (1)

The owner can mint all of the NFTs.

Contract may not have enough fund to cover refund

Chainlink pricer is using a deprecated API

The return value `success` of the get function of the INFTOracle interface is not checked

Lender is able to seize the collateral by changing the loan parameters

CvxCrvRewardsLocker implements a swap without a slippage check that can result in a loss of funds through MEV

StakedCitadel doesn't use correct balance for internal accounting

Funding.deposit() doesn't work if there is no discount set

Chainlink pricer is using a deprecated API

Can force borrower to pay huge interest

Protocol doesn't handle fee on transfer tokens

Splitter: Anyone can call incrementWindow to steal the tokens in the contract

CoreCollection can be reinitialized

DoS: `claimForAllWindows()` May Be Made Unusable By An Attacker

Centralisation RIsk: Owner Of `RoyaltyVault` Can Take All Funds

LibSwap: Excess funds from swaps are not returned

Anyone can get swaps for free given certain conditions in `swap`.

SingleStrategyController doesn't verify that new strategy uses the same base token

Usage of deprecated Chainlink functions

Improper Upper Bound Definition on the Fee

Owners have absolute control over protocol

Incentive Pool can be drained without rebalancing the pool

Incompatibility With Rebasing/Deflationary/Inflationary token

denial fo service

`settleFunding` will exceed block gas with more markets and activity

ERC4626 mint uses wrong `amount`

Malicious Users Can Drain The Assets Of Auto Compound Vault

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

StakedCitadel doesn't use correct balance for internal accounting

Funding.deposit() doesn't work if there is no discount set

Repeated Calls to Shelter.withdraw Can Drain All Funds in Shelter

Fee-on-transfer token donations in `Shelter` break withdrawals

Owner of LaunchEvent token has the ability to DOS attack the event

ERC20 return values not checked

[WP-H5] `L1Migrator.sol#migrateETH()` dose not send `bridgeMinter`'s ETH to L2 causing ETH get frozen in the contract

L1Migrator.migrateLPT` can be used to take away protocol's access to LPT tokens in BridgeMinter

backdoor in `withdrawRedundant`

[WP-M17] `Vault.sol` Tokens with fee on transfer are not supported

Unbounded iteration over all indexes (2)

Vaults with non-UST underlying asset vulnerable to flash loan attack on curve pool

Vault can't receive deposits if underlying token charges fees on transfer

Convenience contract fails to function if asset or collateral is an ERC20 token with fees

Tokens can be stolen when `depositToken == rewardToken`

Support of different ERC20 tokens

Zap contract's redeem() function doesn't check which token the user wants to receive

Unchecked transfers

No Transfer Ownership Pattern