incorrect price for negative ticks due to lack of rounding down

Chainlink's `latestRoundData` might return stale or incorrect results

`BOLDUpgradeAction.sol` will fail to upgrade contracts due to error in the `perform` function

Incorrect withdraw queue balance in TVL calculation

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

Deposits will always revert if the amount being deposited is less than the bufferToFill value

Withdrawals and Claims are meant to be pausable, but it is not possible in practice

`Registry.sol#updateHoldingPosition` remove position logic is incorrect: should use `ownerConnector` instead of `calculatorConnector` when calculating holdingPositionId.

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

Incorrect modifier condition

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

Bridge watcher can forge arbitrary message and drain bridge

retryMessage unable to handle edge cases.

Unchecked return value bug on `TransferHelper::_safeTransferFrom()`

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Minter / Staker / Spender roles can never be revoked`..,

Burner role can not be revoked

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Impossible to change managed wallets with `proposeWallets` after first rejection

Creation of token whitelisting proposals can be DOS'd

users still forced to follow previously set cooldownDuration even when cooldown is off (set to zero) before unstaking

``FULL_RESTRICTED`` Stakers can bypass restriction through approvals

Unable to retrieve price information with CamelotRelayer contract

Approved address can approve other addresses for an owner's safe

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Function WildcatMarketController.setAnnualInterestBips allows for values outside the factory range

Removing markets from `WildcatArchController` gives lenders immunity from sanctions

All tokens can be stolen from `VirtualAccount` due to missing access modifier

Cached `DOMAIN_SEPARATOR` is incorrect for tranche tokens potentially breaking permit integrations

```trancheTokenAmount``` should be rounded UP when proceeding to a withdrawal or previewing a withdrawal.

The Restriction Manager does not completely implement ERC1404 which leads to account that are supposed to be restricted actually have access to do with their tokens as they see fit

Incorrect precision assumed from RdpxPriceOracle creates multiple issues related to value inflation/deflation

Users can get immediate profit when deposit and redeem in `PerpetualAtlanticVaultLP`

`UniV3LiquidityAMO::recoverERC721` will cause `ERC721` tokens to be permanently locked in `rdpxV2Core`

`rngComplete` function should only be called by `rngAuctionRelayer`

V3 Proxy does not send funds to the recipient, instead it sends to the msg.sender

Return value of low level `call` not checked.

Rounding error in `WUSDA` can result in loss of user funds, especially when manipulated by an attacker

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

High Prizes might not be claimed

Governance wrongly calculates `_quorumReached()`

`_voteSucceeded()` returns true when `againstVotes > forVotes` and vice versa

Incorrectly implemented modifiers in LybraConfigurator.sol allow any address to call functions that are supposed to be restricted

Due to inappropriately short `votingPeriod` and `votingDelay`, it is near impossible for the governance to function correctly.

The relation between the safe collateral ratio and the bad collateral ratio for the PeUSD vaults is not enforced correctly

Hardcoded fee in Multipool Leading to Rebalance Failure

Wrong Validation for tickSpacing and range

Wrong accounting leads to excess balance for partyB users depositing with the ```depositAndAllocateForPartyB()```

Suspended users can deposit can deposit and allocate their balances

DOS for accounts if liquidation expires.

Owner in VaultProxy.sol is address(0)

`pause/unpause` functionnalities not implemented in many pausable contracts

Stale Price from Oracle

L2 sequencer Downtime

Oracles getPriceUSD returna stale or incorrect result

safeERC20 instead of IERC20