The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Incorrect sequence of AaveDIVAWrapper constructor parameters

A liquidator can seize more or even all collateral assets from all liquidatable positions

The protocol allows borrowing small positions that can create bad debt

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

Fragmentation fee is not taken if user compensates with newly created position

Inadequate checks to confirm the correct status of the sequecnce/sequecncerUptimeFeed in `PriceFeed.getPrice()` contract.

Updating the `startBlock` state variable without affecting existing pools leads to incorrect points/rewards distributions

Flawed if check causes inaccurate tracking of the protocol's ercDebt and collateral

Users can mint DUSD with less collateral than required which gives them free DUSD and may open a liquidatable position

oracleCircuitBreaker: Not checking if price information of asset is stale

The `shortOrder` verification bug on the `RedemptionFacet::proposeRedemption()` allows an attacker to leave a small `shortOrder` on the order book, leading to the protocol's bad debt

Incorrect bad debt accounting can lead to a state where the `claimFeesBeneficial` function is permanently bricked and no new incentives can be distributed, potentially locking pending and future protocol fees in the `FeeManager` contract

Unchecked return value bug on `TransferHelper::_safeTransferFrom()`

Off-by-one bug prevents the `_compareMinMax()` from detecting Chainlink aggregators' circuit-breaking events

The protocol allows borrowing small positions that can create bad debt

The `editPool()` lacks a sanity check on the `payoutStart` parameter leading to incorrect or unfair reward distributions

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

Re-triggering the `canOffboard[term]` flag to bypass the DAO vote of the lending term offboarding mechanism

Replay attack to suddenly offboard the re-onboarded lending term

SurplusGuildMinter.getReward() is susceptible to DoS due to unbounded loop

Lenders can escape the blacklisting of their accounts because they can move their MarketTokens to different accounts and gain the WithdrawOnly Role on any account they want

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Borrower can drain all funds of a sanctioned lender

Function WildcatMarketController.setAnnualInterestBips allows for values outside the factory range

Users Lose Funds and Market Functionality Breaks When Market Reachs 65k Id

Flag can be overriden by another user

Using a cached price in the critical shutdownMarket()

Primary short liquidation can not be completed in the last hour of the liquidation timeline

Secondary short liquidation reverts due to arithmetic underflow in volatile market conditions

Lack of essential stale check in oracleCircuitBreaker()

Decreasing and increasing a short's collateral potentially uses an outdated asset price to calculate the collateral ratio

Unhandled chainlink revert in case its multisigs block access to price feeds

Use of hardcoded price deviation in baseOracleCircuitBreaker()

Emitting incorrect event value

The same signature can be used in different `distribution` implementation causing that the caller who owns the signature, can distribute on unauthorized implementations

Blacklisted STADIUM_ADDRESS address cause fund stuck in the contract forever

Owner can incorrectly pull funds from contests not yet expired

Lack of checking the existence of the Proxy contract

Insufficient validation leads to locking up prize tokens forever

Sandwich attack to steal all ERC-20 tokens in the Fees contract

During refinance() new Pool balance debt is subtracted twice

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

Using forged/fake lending pools to steal any loan opening for auction

Stealing any loan opening for auction through others' lending pool

Forcing a borrower to pay a huge debt via the giveLoan()

Precision loss allows users to giveLoans to pools with less collateral then required

No expiration deadline leads to losing a lot of funds

Rounding error leads to borrowing loans without paying interest

Zero address leads to transaction reverts

Wrong Amount of Loan Interest is Calculated

Emitting incorrect event parameters

Lenders could receive interest less than expected

Unnecessary If condition in update() of Staking.sol

Caching the pool variable for gas savings

Lack of updating the auctionLength parameter in the giveLoan() and buyLoan()

Theft of collateral tokens with fewer than 18 decimals

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

DSC protocol can consume stale price data or cannot operate on some EVM chains

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

All of the USD pair price feeds doesn't have 8 decimals

Double-spending vulnerability leads to a disruption of the DSC token

Lack of fallbacks for price feed oracle

Improving the burnDsc() to allow users to mitigate their liquidation's impact

Precision loss when calculating the health factor

[H-01] Lack of emergency withdraw function when no arbiter is set

The computeEscrowAddress() can return an incorrect predicted address

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

Unintended or Malicious Use of Prize Winners' Hooks

Stealing Borrowers' Collateral Assets And Lenders' Debt Assets

Loss Of Borrowers' Collateral Assets And Lenders' Debt Assets During Loan Repayment

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount