ERC-20 tokens can be used like ERC-721

with depositETHIntoMultipleRounds can deposit 0 eth to rounds and it can effect the winner of round

``FULL_RESTRICTED`` Stakers can bypass restriction through approvals

Malicious users can front-run to cause a denial of service (DoS) for StakedUSDe due to MinShares checks

All tokens can be stolen from `VirtualAccount` due to missing access modifier

onlyCentrifugeChainOrigin() can't require msg.sender equal axelarGateway

Borrower cannot repay if lender prevent it

Exploitable Vulnerability in Clearinghouse Contract's Reward Mechanism

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Inaccurate swap amount calculation in ReLP leads to stuck tokens and lost liquidity

reLP() mintokenAAmount the calculations are wrong.

Lack of Balance Validation

wrong bToken's exchangeRateStored used for calculate ColleteralValue

Delegated votes are locked when owner lock is expired

Voters from VotingEscrow can vote infinite times in vote_for_gauge_weights() of GaugeController

User don't have to deposit for a week into the market to get his weekly reward from the `LendingLedger`

If governance removes a gauge, user's voting power for that gauge will be lost.

malicious `emissionToken` could poison rewards for a market

Rounding error in `WUSDA` can result in loss of user funds, especially when manipulated by an attacker

An attacker can manipulate the preDepositvePrice to steal from other users.

Can withdraw money before it supposed to do

If underlyingtoken=0 after lock capital there is no chance for deposit token due to function try division 0.

Staking rewards can be drained

Incorrect Reward Duration After Change in Reward Speed in MultiRewardStaking

Modifier VaultController._verifyCreatorOrOwner does not work as intented

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Funds can be stuck due to wrong order of operations

User may loose rewards if the receipt is minted after quest end time

Fee on transfer tokens will not behave as expected

Cancellation of minipool may skip MinipoolCancelMoratoriumSeconds checking if it was cancelled before

A whale user is able to cause freeze of funds of other users by bypassing withdraw limit