Upon IncreaseAmount the lock may not align to the nearest weekly increment

Attacker can frontrun deployVault to deploy at the same address

KYCRegistry is susceptible to signature replay attack.

Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount

Centralization risks: owner can freeze withdraws and use timelock to steal all funds

Chainlink price feed is not sufficiently validated and can return stale price

`saleReceiver` and `feeReceiver` can steal refunds after sale has ended

ETH will get stuck if all NFTs do not get sold.

Unsafe downcasting operation truncate user's input

SWAP_ROUTER in AutoPxGmx.sol is hardcoded and not compatible on Avalanche

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

`lending-market/NoteInterest.sol` Wrong implementation of `getBorrowRate()`

Incorrect amount taken

`VE3DRewardPool` and `VE3DLocker` adds to an unbounded array which may potentially lock all rewards in the contract

`VE3DLocker.sol` Wrong implementation of inversely traverse for loops always reverts

RubiconRouter: Excess ether did not return to the user

Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

Use `call()` instead of `transfer()` when transferring ETH in RubiconRouter

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

SpeedBumpPriceGate: Excess ether did not return to the user

MerkleResistor: zero coinsPerSecond will brick tranche initialization and withdrawals

safeTransferFrom is recommended instead of transfer (1)

Contract may not have enough fund to cover refund

Use of `.send()` May Revert if The Recipient's Fallback Function Consumes More Than 2300 Gas

Many unbounded and under-constrained variables in the system can lead to unfair price or DoS

Critical variables shouldn't be changed after they are set

[WP-H1] A malicious early user/attacker can manipulate the vault's pricePerShare to take an unfair share of future users' deposits

Avoidance of Liquidation Via Malicious Oracle

Critical Oracle Manipulation Risk by Lender

Lender is able to seize the collateral by changing the loan parameters

Mistake while checking LTV to lender accepted LTV

Incorrect accounting of free weight in `_decrementWeightUntilFree`

New vest reset `unlockBegin` of existing vest without removing vested amount

Users at UNSTAKE_PERIOD can assist other users in unstaking tokens.

`LiquidityProviders`: Setting new LP token will break contract

`LiquidityProviders`: Setting new liquidity pool will break contract

Improper Upper Bound Definition on the Fee

Upgradable escrow contract

Not compatible with Rebasing/Deflationary/Inflationary tokens

Schain owners can rug pull users' funds

Ownership of Swap.vy cannot be transferred

`settleFunding` will exceed block gas with more markets and activity

Slurp can be frontrun with fee increase

Gibber can take any amount from safes

transferBribes could transfer before proposal deadline + Input validation

Admin Privilege - Owner can rug via `ThecosomataETH.withdraw`

SafeERC20.sol is imported but not used in the transferBribes() function

[WP-H0] `DEFAULT_ADMIN_ROLE` of `BribeVault` can steal tokens from users' wallets

Cashback on referral

Owner can steal input tokens

Seven ways in which the Owner and Proxy Admin can make users lose funds ("rug vectors")

Repeated Calls to Shelter.withdraw Can Drain All Funds in Shelter

USDMPegRecovery Risk of fund locked, due to discrepancy between curveLP token value against internal contract math

USDM locked unless guardian remove liquidity

[WP-H2] `ConvexStakingWrapper#deposit()` depositors may lose their funds when the `_amount` is huge

Deactivate function can be bypassed

MAX_SHORTFALL_WITHDRAW limit on BTP extraction is not enforced

anti-flashloan mechanism may lead to protocol default

[WP-H5] `L1Migrator.sol#migrateETH()` dose not send `bridgeMinter`'s ETH to L2 causing ETH get frozen in the contract

[WP-H3] `L1Migrator.sol#migrateETH()` Improper implementation of `L1Migrator` causing `migrateETH()` always reverts, can lead to ETH in `BridgeMinter` getting stuck in the contract

Fund loss when insufficient call value to cover fee

L1Migrator.migrateLPT` can be used to take away protocol's access to LPT tokens in BridgeMinter

`requestWithdraw` without obligation to withdraw allow underwriter to avoid payout

Adding pair of the same `foreignAsset` would replace oracle of earlier entry

Bypass zap timelock

`totalSupply` may exceed `LibBasketStorage.basketStorage().maxCap`

Malicious tickets can lead to the loss of all tokens

cancelPromotion is too rigorous

Rewards can be claimed multiple times

Fee calculation is slightly off

Missing cap on LicenseFee

Admin can break `_numberOfValidTokens`

Withdraw from `AaveVault` will receive less than actual share

Possible incentive theft through the arbitraryCall() function

Tokens can be stolen when `depositToken == rewardToken`

Wrong calculation of excess depositToken allows stream creator to retrieve `depositTokenFlashloanFeeAmount`, which may cause fund loss to users

Timelock can be bypassed

Unable to remove liquidity in Recovery Mode

`UniswapHandler.maltMarketPrice` returns wrong decimals

User can bypass Recovery Mode via UniswapHandler to buy Malt

Dutch auction can be manipulated

Improper Upper Bound Definition on the Fee

`setGuardian()` Wrong implementation

Improper implementation of slippage check

No slippage control on `deposit` of IbbtcVaultZap.sol

`calcMint` always return poolId=0 and idx=0

Attacker can claim more IL by manipulating pool price then `removeLiquidity`

Governance veto can be bypassed

Swaps are not split when trade crosses target price

Approved spender can spend too many tokens

The design of `wibBTC` is not fully compatible with the current Curve StableSwap pool

Unable to transfer WrappedIbbtc if Oracle go down

Referrer can drain ReferralFeePoolV0

liquidation factor < collateral factor for Sigma type

borrow function will borrow max cf when trying to borrow > cf

Unchecked ERC20 transfer calls