`BalancerWeightedAuraVault.sol` wrongly assumes that all of the weighted pools uses `totalSupply`

`getOraclePrice` in `SingleSidedLPVaultBase.sol` does not check if the sequencer is down for Arbitrum/Optimism

`depositFromNotional` function is payable, which means that it should accept Ether, but in reality will revert 100% when msg.value > 0

Some arbitrary proposal calls will fail because executeProposal() in ProposalExecutionEngine is not payable

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Borrower can drain all funds of a sanctioned lender

All tokens can be stolen from `VirtualAccount` due to missing access modifier

Funding a pool on `Allo.sol` would not be compatible and accurate with Fee-on-transfer tokens

`_registerRecipient` in the `RFPSimpleStrategy.sol` will revert 100% if `useRegistryAnchor` is true

```trancheTokenAmount``` should be rounded UP when proceeding to a withdrawal or previewing a withdrawal.

Fully slashed transcoder can vote with 0 weight messing up the voting calculations

Lenders can force borrowers to get defaulted

The peg stability module can be compromised by forcing lowerDepeg to revert.

`sync` function in `RdpxV2Core.sol` should be called in multiple scenarios to account for the balance changes that occurs

`getPrice` in `CurveTricryptoOracle.sol` assumes that the ETH will always be the third token which is not the case all the time.

`closePositionFarm` in `AuraSpell.sol` doesn't use any real slippage protection when `exitPool` is called which can lead to loss of funds

`getPrice` in `WeightedBPTOracle.sol` uses `totalSupply` for price calculations which can lead to wrong results

Incorrect Solidity version in FullMath.sol can cause permanent freezing of assets for arithmetic underflow-induced revert

Proposals which intend to send native tokens to target addresses can't be executed

`fastTrackProposalExecution` doesn't check `intendedRecipient`

`_unwrap` in `MultiInvoker.sol` can revert every time in some cases which will make the users not being able to `_liquidate` or `_withdraw` with `warp` to true

Sandwich attack to steal all ERC-20 tokens in the Fees contract

No expiration deadline leads to losing a lot of funds

Unnecessary If condition in update() of Staking.sol

Theft of collateral tokens with fewer than 18 decimals

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

High - Funds can be lost if any participant is blacklisted

The `xcall` made in the function `_settleClaim` is not configured correctly which will make the transaction revert all the time

`getPriceInEth` in `TellorOracle.sol` doesn't uses the best practices recommended by Tellor which can cause wrong pricing

`_sendToken` implementation in `Balancer.sol` is wrong which will make the underlying erc20 be send to a random address and lost

Potential 99.5% loss in `emergencyWithdraw()` of two Yieldbox strategies

[HB10] `AaveStrategy.sol`: Changing swapper breaks the contract

CompoundStrategy `_currentBalance` uses `exchangeRateStored` which is leaks value

`MagnetarV2#burst` double counts `msg.value` for `TOFT_WRAP` operation, making the transaction revert unless the user overpays

`Seer.sol` inherits `OracleMulti.sol` which calls `_getQuoteAtTick` from `OracleMath.sol` , function which would revert when `_getRatioAtTick` is called since it doesn't allow overflow behavior

FullMath and TickMath libraries desire overflow behavior

In the case of a blacklisted address `exercise` could revert, making it impossible for users exercise and use their `optionToken`

Incorrect function call in LybraRETHVault's getAssetPrice

Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called

`getUnderlyingPrice` from `Oracle.sol` doesn't have extra checks which can return stale or incorrect results

Liquidation and borrowing process would be broken for some ERC20

`mintRebalancer` and `burnRebalancer` do not use the `onlyBalancer` modifier which means that anyone can call them and mint/burn any amount of tokens to the contract

Function `BuyUSSDSellCollateral` would revert all the time when it gets to sell WBTC.

The last if statement in `SellUSSDBuyCollateral` function is broken according to the comments.

The address in the `StableOracleWBTC.sol` is wrong which would give the wrong price when the oracle is called

`StableOracleDAI.sol` assumes the wrong decimals in the `getPriceUSD` function

Incorrect calculation of the remaining updatedRewards leads to possible underflow error

Fee-on-transfer tokens could break the liquidation process in some cases

An attacker can manipulate the preDepositvePrice to steal from other users.

ERC20's that don't let transfer of 0 amount of tokens can get the NFT stuck in the contract in case of liquidation