Price of sfrxEth derivative is calculated incorrectly

DoS due to external call failure

Users can end up buying and paying for a different Tray than the one they were trying to acquire

Bio Protocol - `tokenURI` JSON injection

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

`saleReceiver` and `feeReceiver` can steal refunds after sale has ended

ETH will get stuck if all NFTs do not get sold.

Denial of Service of depositAuction and withdrawAuction

Denial of Service - userDepositIndex and userWithdrawIndex growing indefinitely

Supply cap of VariableSupplyERC20Token is not properly enforced

OlympusGovernance - active proposal does not expire

Inconsistency in staleness checks between OHM and reserve token oracles

[NAZ-M1] Chainlink's `latestRoundData` Might Return Stale Results

Unsafe casting from int128 can cause wrong accounting of locked amounts

Attacker contract can avoid being blocked by BlockList.sol

FraxlendPair#setTimeLock: Allows the owner to reset TIME_LOCK_ADDRESS

Delegate call in `Vault#_execute` can alter Vault's ownership

Overlap Between `ERC721.transferFrom()` and `ERC20.transferFrom()` Allows `order.erc20Assets` or `order.baseAsset` To Be ERC721 Rather Than ERC20

NibblVault buyout duration longer than update timelock

Protocol fee rate can be arbitrarily modified by the owner and the new rate will apply to all existing orders

BathToken LPs Unable To Receive Bonus Token Due To Lack Of Wallet Setter Method

No cap on fees can result in a DOS in BathToken.withdraw()

Owner can modify the feeRate on existing vaults and steal the strike value on exercise

Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited

SpeedBumpPriceGate: Excess ether did not return to the user

amount requires to be updated to contract balance increase (1)

ERC20 tokens with different decimals than 18 leads to loss of funds

Centralisation Risk: Owner may abuse the tax rate to claim 99.9% of pools

Protocol doesn't handle fee on transfer tokens

Use of `.send()` May Revert if The Recipient's Fallback Function Consumes More Than 2300 Gas

Many unbounded and under-constrained variables in the system can lead to unfair price or DoS

_depositAmount requires to be updated to contract balance increase

_revokeRole doesn't remove account from roleMember set

Chainlink's latestRoundData might return stale or incorrect results

Chainlink's latestRoundData might return stale or incorrect results

StakedCitadel: wrong setupVesting function name

KnightingRound tokenOutPrice changes

Chainlink pricer is using a deprecated API

Emergency mode enable/disable issue

Donated Tokens Cannot Be Recovered If A Shelter Is Deactivated

[ConcurRewardPool] Possible reentrancy when claiming rewards