Pause and unpause functions are inaccessible

WhenNotPaused modifier in the CDPVault can be bypassed by users

Incorrect withdraw queue balance in TVL calculation

Withdrawals and Claims are meant to be pausable, but it is not possible in practice

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

The total deposit amount limit in `AccountingManager.sol` can be bypassed

`AccountingManager` contract's `previewDeposit`, `previewMint`, `previewWithdraw`, and `previewRedeem` functions are not compliant with EIP-4626 standard

Rewards can be drained because of lack of access control

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

A bad price can be delivered in ChainlinkARBOracle

GMXOracle.sol#L280: function `getLpTokenAmount` icorrectly assumes that the returned price is in 18 decimal places. But it is 30 decimal places.

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

`sync` function in `RdpxV2Core.sol` should be called in multiple scenarios to account for the balance changes that occurs

The RdpxV2Core contract allows anyone to call redeem tokens even if the contract is paused.

Lender contract can be drained by re-entrancy in `repay`

Sandwich attack to steal all ERC-20 tokens in the Fees contract

Fee on transfer tokens will cause users to lose funds

Rounding error in `WUSDA` can result in loss of user funds, especially when manipulated by an attacker

Reentrancy issue with the 'withdraw' method of USDC. All tokens could be drained.

Incorrect `eligibleAmount` for `AirdropBroker` Phase 3

CollateralEscrowV1.sol: depositAsset is not considered with collateral that would charge fee on transfer

function `restructureCapTable()` in Equity.sol not functioning as expected

Underflow of `lpPosition.points` during withdrawLP causes huge reward minting

pool.sol : First depositor can influence on the share value of the other depositor who may face truncation issue.

SingleSidedLiquidityVault.sol : `_withdrawUpdateRewardState` is not updating the `cachedUserRewards` correctly.

`refundDeposit` will not work when `deposits` array grows bigger or deliberately increased to huge value.

`setPayoutScheduleFixed` and `setPayoutSchedule` are not using the correct array length value in the `for` loop

unsafe ERC20 operations.

repay business logic should handle the case if the repaid amount is greater than loan amount.

Boosted3TokenPoolUtils.sol : `_validateSpotPrice` function is not validating the price value from getOraclePrice

Boosted3TokenPoolUtils.sol : _redeem - updating the `totalBPTHeld , totalStrategyTokenGlobal` after `_unstakeAndExitPool` is not safe

Inflation of ggAVAX share price by first depositor

Hijacking of node operators minipool causes loss of staked funds

Bypass `whenNotPaused` modifier

RewardsPool.sol : It is safe to have the startRewardsCycle with WhenNotPaused modifier

First depositor can break minting of shares

Pair price may be manipulated by direct transfers

Frontrunning for unallowed minting of Short and Long tokens

`_handleDeposit` and `_handleWithdraw` do not account for tokens with decimals higher than 18

withdrawFromGauge : anyone can calll with value NFT id and take away funds

increaseCollateralAmount : User is not allowed to increase collateral freely.

DepositReceipt_Base.sol#L21 : HEARTBEAT_TIME gap is too huge

`transfer` call - return type is not validated.

Settle contract: bull can abuse the safeTransferfrom even if there is 'try' 'cath'.

`withdrawToken` can be re-entered

Use of `transfer` function to send fund may not work and fund can stuck.

Public vault : Initial depositor can manipulate the price per share value and future depositors are forced to deposit huge value in vault.

Inadequate access restrictions for Redeem functions in Redeemer.sol

Redeemer.sol#L168 : setFee never be called .

Public vault : Initial depositor can take unfair advantage by depositing large amount. 1 wei share attack

LienToken.sol#L594 : _payment is taking all. It is not refunding the excess amount back to user.

Factory.sol : Issue with arbitrary data as signature in signature based call and deploy methods.

NFTCollection.sol : Lack of validation for runtime configuration when initialize is dangerous.

UserManager.sol#L438-L466 : getFrozenInfo could revert due to out of gas when the vouchees array size is large

an early user/attacker can manipulate the myLink share price take an unfair share of future users' deposits

AaveV2Plugin.sol#L44 : _deposit will revert when aave lending pool is paused.

PricerInternal.sol#L49 : The price data returned from `_latestAnswer64x64` may not be a updated one (may not be a latest data)

not able to create claim

reduceERC721Fee function can not set fee when the NFT token ID is more than type(uint128).max

fee validation check is missing in Transfer.sol

It is possible that receiver and treasury can receive nothing when calling `withdraw` function due to division being performed before multiplication

Different Oracle issues can return outdated prices

oracle : latestRoundData will not tell the latest price feed data.

TwoTokenPoolMixin.sol : the token's decimals could not be same. Calculation based on token decimal will not give correct result.

Proposals can be bricked and Auctions stalled by bad settings

[NAZ-M1] Chainlink's `latestRoundData` Might Return Stale Results

Inconsistent logic of increase unlock time to the expired locks

`increaseUnlockTime` missing `_checkpoint` for delegated values

```migrateFractions``` may be called more than once by the same user which may lead to loss of tokens for other users