Wrong state update in `liquidationType1` call

Interest from Liquidation can never be withdrawn

No access control on `CDS.updateDownsideProtected` function

Loss of funds on `CDS.redeemUSDT`

Loss of eth during liquidation type 1.

Broken `option renewal` validation with current timestamp

`downside protected amount` is also pulled from user when withdrawal

`calculateCollateralToReturn` is prone to manipulation by depositors

`liquidationType2` will self DOS due to lack of ETH

`optionFees` manipulation on `Borrowing.depositTokens`

Missing `updateDownsideProtected` call

DOS to `liquidateBorrowPosition` on MODE chain

wrong `CumulativeRate` calculation on `Borrowing._withdraw`

`liquidationType1` will revert in an edge case

wrong size delta accounting on `synthetixPerpsV2.submitOffchainDelayedOrder` call

the `CDS_NotEnoughFundInCDS` validation reads the wrong ratio due to wrong tracking of last ETH price

Holders array can be manipulated by transferring or burning with amount 0, stealing rewards or bricking certain functions

Withdrawal from NFTs can be temporarily blocked

Distribution can be bricked, and double claims by a few holders are possible when owner calls `LiquidInfrastructureERC20::setDistributableERC20s`

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Minter / Staker / Spender roles can never be revoked`..,

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Due to missing checks on minimum gas passed through LayerZero, executions can fail on the destination chain

Anyone can update the address of the Router in the DcntEth contract to any address they would like to set.

Permanent loss of tokens if swap data gets outdated

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

Unauthorized Access to setCurves Function

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

Selling will be bricked if all other tokens are withdrawn to ERC20 token

A subject creator within a single block can claim holder fees without holding due to unprotected reentrancy path

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

Withdrawing with amount = 0 will forcefully set name and symbol to default and disable some functions for token subject

Rewards can be drained because of lack of access control

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

Missing deadline check allow pending transactions to be maliciously executed

`costInEuros` calculation will incur precision loss due to division before multiplication

GSP pool can be permanently paused by gaming the initial liquidity action

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Attacker can reenter to mint all the collection supply

Multiple mints can brick any form of `salesOption` 3 mintings

On a Linear or Exponential Descending Sale Model, a user that mint on the last `block.timestamp` mint at an unexpected price.

Auction winner can prevent payments via `safeTransferFrom` callback