Assets deposited before calculating shares amount to mint will cause users to mint less shares.

CL gauge accepts unverified pools, allowing malicious pool to brick distribution

Dust vote on one pool prevent `poke()`

`BalancerWeightedAuraVault.sol` wrongly assumes that all of the weighted pools uses `totalSupply`

`getOraclePrice` in `SingleSidedLPVaultBase.sol` does not check if the sequencer is down for Arbitrum/Optimism

`depositFromNotional` function is payable, which means that it should accept Ether, but in reality will revert 100% when msg.value > 0

Some arbitrary proposal calls will fail because executeProposal() in ProposalExecutionEngine is not payable

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Borrower can drain all funds of a sanctioned lender

All tokens can be stolen from `VirtualAccount` due to missing access modifier

Funding a pool on `Allo.sol` would not be compatible and accurate with Fee-on-transfer tokens

`_registerRecipient` in the `RFPSimpleStrategy.sol` will revert 100% if `useRegistryAnchor` is true

```trancheTokenAmount``` should be rounded UP when proceeding to a withdrawal or previewing a withdrawal.

Fully slashed transcoder can vote with 0 weight messing up the voting calculations

Lenders can force borrowers to get defaulted

The peg stability module can be compromised by forcing lowerDepeg to revert.

`sync` function in `RdpxV2Core.sol` should be called in multiple scenarios to account for the balance changes that occurs

`getPrice` in `CurveTricryptoOracle.sol` assumes that the ETH will always be the third token which is not the case all the time.

`closePositionFarm` in `AuraSpell.sol` doesn't use any real slippage protection when `exitPool` is called which can lead to loss of funds

`getPrice` in `WeightedBPTOracle.sol` uses `totalSupply` for price calculations which can lead to wrong results

Incorrect Solidity version in FullMath.sol can cause permanent freezing of assets for arithmetic underflow-induced revert

Proposals which intend to send native tokens to target addresses can't be executed

`fastTrackProposalExecution` doesn't check `intendedRecipient`

`_unwrap` in `MultiInvoker.sol` can revert every time in some cases which will make the users not being able to `_liquidate` or `_withdraw` with `warp` to true

Sandwich attack to steal all ERC-20 tokens in the Fees contract

No expiration deadline leads to losing a lot of funds

Unnecessary If condition in update() of Staking.sol

Theft of collateral tokens with fewer than 18 decimals

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

High - Funds can be lost if any participant is blacklisted

The `xcall` made in the function `_settleClaim` is not configured correctly which will make the transaction revert all the time

`getPriceInEth` in `TellorOracle.sol` doesn't uses the best practices recommended by Tellor which can cause wrong pricing

`_sendToken` implementation in `Balancer.sol` is wrong which will make the underlying erc20 be send to a random address and lost

Potential 99.5% loss in `emergencyWithdraw()` of two Yieldbox strategies

[HB10] `AaveStrategy.sol`: Changing swapper breaks the contract

CompoundStrategy `_currentBalance` uses `exchangeRateStored` which is leaks value

`MagnetarV2#burst` double counts `msg.value` for `TOFT_WRAP` operation, making the transaction revert unless the user overpays

`Seer.sol` inherits `OracleMulti.sol` which calls `_getQuoteAtTick` from `OracleMath.sol` , function which would revert when `_getRatioAtTick` is called since it doesn't allow overflow behavior

FullMath and TickMath libraries desire overflow behavior

In the case of a blacklisted address `exercise` could revert, making it impossible for users exercise and use their `optionToken`

Incorrect function call in LybraRETHVault's getAssetPrice

Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called

`getUnderlyingPrice` from `Oracle.sol` doesn't have extra checks which can return stale or incorrect results

Liquidation and borrowing process would be broken for some ERC20

`mintRebalancer` and `burnRebalancer` do not use the `onlyBalancer` modifier which means that anyone can call them and mint/burn any amount of tokens to the contract

Function `BuyUSSDSellCollateral` would revert all the time when it gets to sell WBTC.

The last if statement in `SellUSSDBuyCollateral` function is broken according to the comments.

The address in the `StableOracleWBTC.sol` is wrong which would give the wrong price when the oracle is called

`StableOracleDAI.sol` assumes the wrong decimals in the `getPriceUSD` function

Incorrect calculation of the remaining updatedRewards leads to possible underflow error

Fee-on-transfer tokens could break the liquidation process in some cases

An attacker can manipulate the preDepositvePrice to steal from other users.

ERC20's that don't let transfer of 0 amount of tokens can get the NFT stuck in the contract in case of liquidation